[prev in list] [next in list] [prev in thread] [next in thread]
List: wireshark-dev
Subject: Re: [Wireshark-dev] Global variables
From: Jaap Keuter <jaap.keuter () xs4all ! nl>
Date: 2010-07-29 20:03:35
Message-ID: 4C51DE97.2030207 () xs4all ! nl
[Download RAW message or body]
On 07/29/2010 09:46 PM, Guy Harris wrote:
>
> On Jul 29, 2010, at 8:02 AM, César Gomes wrote:
>
>> I'm currently working on a dissector, and I need to make so that one
>> variable has the same value at the begining of a capture, the value then
>> can change, but in the beginning it has to be the same, how can I do that?
>
> Note that there is no guarantee that, in Wireshark, after the file has been
> read in for the first time, your packets will be dissected in order. When
> the file is read in, each packet is dissected in order (note, however, that
> there is no guarantee that you will be asked to build a protocol tree on that
> first dissection, so don't build state only if the tree argument is
> non-null!), and you can use that pass to build state.
To add to this, you can use the frame data visited flag for this. In release 1.4
and trunk this flag is available through a macro:
#define PINFO_FD_VISITED(pinfo) ((pinfo)->fd->flags.visited)
In release 1.0 and 1.2 you'll have to code it yourself.
> After that, users can
> click on whatever packets they want, in whatever order they want, and, when a
> packet is clicked on, it is dissected.
>
> In other words, do *NOT* maintain, in a global variable, state that changes
> from packet to packet, and assume that, when a packet is dissected, the state
> will reflect only the packets before the packet in question. You might have
> to attach state information to packets in order to dissect them after the
> first pass.
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@wireshark.org?subject=unsubscribe
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic