Wireshark mailing list archives
Re: Shard Output Format
From: Oliver-Tobias Ripka <otr () bockcay de>
Date: Fri, 13 Sep 2019 16:56:17 +0200
I guess so. For my use case I need to have the 1s and 0s (and in general the format that will also work as a right hand display filter value) like in tshark formats it rather than the human readable form. Reading through the proto_custom_set function in epan/proto.c it seems that the change might have other side effects on other types than just booleans though. All the best, Oliver According to Dario Lombardo on Fri, Sep 13 2019:
Won't that change the behavior of the whole system? Is that what you want? On Fri, Sep 13, 2019 at 4:40 PM Oliver-Tobias Ripka <otr () bockcay de> wrote:Hello Dario, I'm doing a "frames" requests. After some debugging I found the following patch seems to do what I want. https://github.com/oripka/wireshark/commit/c9d39a54f4f182ef2784c660a6e51f4b6a782523 All the best, Oliver According to Dario Lombardo on Fri, Sep 13 2019:Which sharks commands are you using? On Fri, Sep 13, 2019 at 1:23 PM Oliver-Tobias Ripka <otr () bockcay de>wrote:Hello List, I am looking to influence the output format of the sharkd json. For example tshark -T fields -e tcp.flags.syn, formats the flag as 0or 1Sharkd outputs "Set", "Not Set" similar to adding a column in the Wireshark GUI. I was looking at the function sharkd_dissect_columns in sharkd.c but couldn't directly find an option to change the formatting. How can I influece the behaviour of sharkd to not resolve the values into "Set" and "Not Set"? All the best, Oliver --___________________________________________________________________________Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org ?subject=unsubscribe-- Naima is online.___________________________________________________________________________Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe -- ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org ?subject=unsubscribe-- Naima is online.
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
-- ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Shard Output Format Oliver-Tobias Ripka (Sep 13)
- Re: Shard Output Format Dario Lombardo (Sep 13)
- Re: Shard Output Format Oliver-Tobias Ripka (Sep 13)
- Re: Shard Output Format Dario Lombardo (Sep 13)
- Re: Shard Output Format Oliver-Tobias Ripka (Sep 13)
- Re: Shard Output Format Guy Harris (Sep 13)
- Re: Shard Output Format Oliver-Tobias Ripka (Sep 13)
- Re: Shard Output Format Dario Lombardo (Sep 13)