Wireshark mailing list archives
Re: tree view structuring
From: Brian Oleksa <oleksab () darkcornersoftware com>
Date: Wed, 05 Jan 2011 21:53:01 -0500
Guy Thanks for the reply.I do see all of these routines in my code (see below).....but I am not able to get it to work properly.
Can you provide me with a small example..?? Thanks, Brian Here is the code that I am trying to break up a little bit:In the Alares Control Extension...I would like to break up the 4 for loops (i.e. Number of Missing Messages, Number of Erasures, Last Heard and The Number of Last Known Transmitted Blocks for In Progress Messages)
void dissect_helen(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) { proto_item *helen_item = NULL; proto_item *helen_sub_item = NULL; proto_tree *helen_tree = NULL; proto_tree *helen_header_tree = NULL; col_set_str(pinfo->cinfo, COL_PROTOCOL, PROTO_TAG_HELEN); col_clear(pinfo->cinfo, COL_INFO); if (tree) { guint32 offset = 0; guint32 orig_offset = 18; nstime_t t; guint64 msecs_since_the_epoch; struct tm *tmp;helen_item = proto_tree_add_item(tree, proto_helen, tvb, 0, -1, FALSE);
helen_tree = proto_item_add_subtree(helen_item, ett_helen); helen_header_tree = proto_item_add_subtree(helen_item, ett_helen);helen_sub_item = proto_tree_add_item(helen_tree, hf_helen_magic, tvb, offset, 2, FALSE);
offset += 2;helen_sub_item = proto_tree_add_item(helen_tree, hf_helen_checksum, tvb, offset, 8, FALSE);
offset += 8; msecs_since_the_epoch = tvb_get_ntoh64(tvb, offset); t.secs = msecs_since_the_epoch / 1000;t.nsecs = (msecs_since_the_epoch % 1000)*1000000; /* milliseconds to nanoseconds */
tmp = gmtime(&t.secs); if (tmp != NULL) {proto_tree_add_time_format(helen_tree, hf_helen_txTime, tvb, offset, 8, &t, "Date: %s %2d, %d %02d:%02d:%02d UTC", mon_names[tmp->tm_mon], tmp->tm_mday, tmp->tm_year + 1900, tmp->tm_hour, tmp->tm_min, tmp->tm_sec);
}helen_header_tree = proto_item_add_subtree(helen_sub_item, ett_helen);
{ #define MAX_BUFFER 1024 char *buf = (char*) ep_alloc(MAX_BUFFER); char * packet_name = ""; proto_tree *helen_sub_tree = NULL; offset = 18; for (;;) { guint16 code; guint16 numBytes = 0; guint unknownPacket = 0; guint codeOffset; offset = orig_offset; code = tvb_get_ntohs(tvb, offset); codeOffset = offset; offset += 2; switch (code) { case 0: packet_name = "End of Packet"; break; case 1020: packet_name = "New Alares Data Ext"; break; case 1021: packet_name = "New Alares Control Ext"; break; case 1022: packet_name = "Alares Tunnel Ext"; break; case 1023: packet_name = "Alares File Ext"; break; default: packet_name = "Unknown code"; unknownPacket = 1; break; } g_snprintf(buf, MAX_BUFFER, "%s", packet_name); if (unknownPacket) {g_snprintf(buf, MAX_BUFFER, "Unknown packet: %d", code);
}helen_item = proto_tree_add_text(tree, tvb, codeOffset, 2, "%s", buf); helen_sub_tree = proto_item_add_subtree(helen_item, ett_helen);
if (code == 0) { break; } numBytes = tvb_get_ntohs(tvb, offset); offset += 2; /*Alares Control Ext:*/ if (code == 1021) { guint8 noem; guint8 nolh; guint8 noe; guint8 nolktbfipm; guint index1, index2, index3, index4; //Elapsed Intervalsproto_tree_add_item(helen_sub_tree, hf_helen_elapsedintervals, tvb, offset, 4, FALSE);
offset += 4; //Healing Factorproto_tree_add_item(helen_sub_tree, hf_helen_healingfactor, tvb, offset, 2, FALSE);
offset += 2; //Number of Missing Messages noem = tvb_get_guint8(tvb, offset);proto_tree_add_item(helen_sub_tree, hf_helen_noem, tvb, offset, 1, FALSE);
offset += 1; for (index1 = 0; index1 < noem; index1++) { //Missing Data //Sessionproto_tree_add_item(helen_sub_tree, hf_helen_missingdatasession, tvb, offset, 16, FALSE);
offset += 16; //Messageproto_tree_add_item(helen_sub_tree, hf_helen_missingdatamessagenew, tvb, offset, 2, FALSE);
offset += 2; //Number of Erasures noe = tvb_get_guint8(tvb, offset);proto_tree_add_item(helen_sub_tree, hf_helen_noe, tvb, offset, 1, FALSE);
offset += 1; for (index2 = 0; index2 < noe; index2++) { //Erasures //Starting Blockproto_tree_add_item(helen_sub_tree, hf_helen_startingblock, tvb, offset, 4, FALSE);
offset += 4; //Ending Blockproto_tree_add_item(helen_sub_tree, hf_helen_endingblock, tvb, offset, 4, FALSE);
offset += 4; } } //Last Heard nolh = tvb_get_guint8(tvb, offset);proto_tree_add_item(helen_sub_tree, hf_helen_nolh, tvb, offset, 1, FALSE);
offset += 1; for (index3 = 0; index3 < nolh; index3++) { //Sesseion UUIDproto_tree_add_item(helen_sub_tree, hf_helen_sessionuuidlastheard, tvb, offset, 16, FALSE);
offset += 16; //Message Numberproto_tree_add_item(helen_sub_tree, hf_helen_messageNumber, tvb, offset, 2, FALSE);
offset += 2; }//Number of Last Known Transmitted Blocks for In Progress Messages
nolktbfipm = tvb_get_guint8(tvb, offset);proto_tree_add_item(helen_sub_tree, hf_helen_nolktbfipm, tvb, offset, 1, FALSE);
offset += 1; for (index4 = 0; index4 < nolktbfipm; index4++) { //Sesseionproto_tree_add_item(helen_sub_tree, hf_helen_sessionuuidlasttransmitted, tvb, offset, 16, FALSE);
offset += 16; //Messageproto_tree_add_item(helen_sub_tree, hf_helen_messageNumber, tvb, offset, 2, FALSE);
offset += 2;//Last Known Transmitted Block for In Progress Message proto_tree_add_item(helen_sub_tree, hf_helen_lastKnownTranmittedBlockAlaresControl, tvb, offset, 4, FALSE);
offset += 4; } } On 1/5/2011 3:35 PM, Guy Harris wrote:
On Jan 5, 2011, at 12:02 PM, Brian Oleksa wrote:I would like to do a little bit more structuring with my tree views. Is it possible to have a tree within a tree..??Yes. proto_item_add_subtree() takes, as arguments, a proto_item * returned by a proto_tree_add_ routine, and an ett_ value, and returns a proto_tree * for a tree placed underneath the item added by the proto_tree_add_ call; you can add items to that tree. This can be done to an arbitrary depth. The ett_ value identifies a particular type of subtree; if you expand one of them, Wireshark keeps track of that and, when you click on another packet, it automatically opens all subtrees of that type. If you close one of them, that gets turned off for that type. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list<wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- tree view structuring Brian Oleksa (Jan 05)
- Re: tree view structuring Guy Harris (Jan 05)
- Re: tree view structuring Brian Oleksa (Jan 05)
- Re: tree view structuring Guy Harris (Jan 05)
- Re: tree view structuring Brian Oleksa (Jan 06)
- Re: tree view structuring Brian Oleksa (Jan 05)
- Re: tree view structuring Alexis La Goutte (Jan 07)
- Re: tree view structuring Jaap Keuter (Jan 07)
- Re: tree view structuring Guy Harris (Jan 05)