Wireshark mailing list archives
Re: can't filter field in wireshark
From: Moussa.Alawieh () zodiacaerospace com
Date: Thu, 18 Aug 2011 16:26:36 +0200
Can someone help me ???????????? De : Moussa Alawieh/LES ULIS/ZDF/BTECH/ZODIAC A : Developer support list for Wireshark <wireshark-dev () wireshark org> Date : 18/08/2011 16:10 Objet : Re: [Wireshark-dev] can't filter field in wireshark thanks for your response.... However, what you said is very importanty for me because I have put this function in many place of my code !!!! Is there any other function that can replace the "proto_tree_add_text()" ?? and do you think that it exist a way to satisfy my question in the precedent mail ??? regards ZODIAC DATA SYSTEMS SAS AEROSAFETY & TECHNOLOGY Moussa ALAWIEH Stagiaire moussa.alawieh () zodiacaerospace com http://www.zodiacaerospace.com De : Chris Maynard <Chris.Maynard () gtech com> A : wireshark-dev () wireshark org Date : 18/08/2011 15:57 Objet : Re: [Wireshark-dev] can't filter field in wireshark Envoyé par : wireshark-dev-bounces () wireshark org <Moussa.Alawieh@...> writes:
I put the result in Wireshark with the "proto_tree_add_text" function, but it's impossible to filter this field because it's a text !!!!! can someone help-me ??? regards
Don't use proto_tree_add_text(). To quote doc/README.developer: proto_tree_add_text() is used to add a label to the GUI tree. It will contain no value, so it is not searchable in the display filter process. This function was needed in the transition from the old-style proto_tree to this new-style proto_tree so that Wireshark would still decode all protocols w/o being able to filter on all protocols and fields. Otherwise we would have had to cripple Wireshark's functionality while we converted all the old-style proto_tree calls to the new-style proto_tree calls. In other words, you should not use this in new code unless you've got a specific reason (see below). ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- can't filter field in wireshark Moussa . Alawieh (Aug 18)
- Re: can't filter field in wireshark Chris Maynard (Aug 18)
- Re: can't filter field in wireshark Moussa . Alawieh (Aug 18)
- Re: can't filter field in wireshark Jeff Morriss (Aug 18)
- Message not available
- Re: can't filter field in wireshark Moussa . Alawieh (Aug 18)
- Re: can't filter field in wireshark Graham Bloice (Aug 18)
- Re: can't filter field in wireshark Jaap Keuter (Aug 18)
- Re: can't filter field in wireshark Moussa . Alawieh (Aug 18)
- Re: can't filter field in wireshark Chris Maynard (Aug 18)