Wireshark mailing list archives
Packet Diagram shows only raw bytes of a subtree instead of individual fields
From: "Maynard, Christopher via Wireshark-dev" <wireshark-dev () wireshark org>
Date: Thu, 26 Nov 2020 18:18:56 +0000
Many protocols contain subtrees, such as a header with various fields that are part of the header, and it's convenient/logical to group those fields within the header subtree. However, doing so results in a Packet Diagram that only shows the raw bytes of the subtree rather than the individual fields contained within the subtree. So either I'm doing something wrong, in which case I welcome any suggestions for improving the display, or there seems to be a current limitation to the way the Packet Diagram behaves with respect to subtrees. Has anyone else noticed this? As an example, I've crafted together a Lua dissector for a fictional protocol, "Foo" along with an associated sample capture file to illustrate what I mean. I've also attached an image of the Packet Diagram showing the "Foo Header" as raw bytes only. What would be nicer to see are the individual header fields themselves, such as for this example: Foo Header: 0 15 16 31 +-------------------------------+ | Magic | +---------------+---------------+ | Type | Length | +---------------+---------------+ Is there a way to achieve this while still grouping the fields within a subtree? Thanks. - Chris CONFIDENTIALITY NOTICE: This message is the property of International Game Technology PLC and/or its subsidiaries and may contain proprietary, confidential or trade secret information. This message is intended solely for the use of the addressee. If you are not the intended recipient and have received this message in error, please delete this message from your system. Any unauthorized reading, distribution, copying, or other use of this message or its attachments is strictly prohibited.
Attachment:
foo_hdr.pcap
Description: foo_hdr.pcap
Attachment:
foo.lua
Description: foo.lua
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Packet Diagram shows only raw bytes of a subtree instead of individual fields Maynard, Christopher via Wireshark-dev (Nov 26)
- Re: Packet Diagram shows only raw bytes of a subtree instead of individual fields Graham Bloice (Nov 26)
- Re: Packet Diagram shows only raw bytes of a subtree instead of individual fields John Thacker (Nov 26)
- Re: Packet Diagram shows only raw bytes of a subtree instead of individual fields Gerald Combs (Nov 30)
- Re: Packet Diagram shows only raw bytes of a subtree instead of individual fields ronnie sahlberg (Nov 30)
- Re: Packet Diagram shows only raw bytes of a subtree instead of individual fields Gerald Combs (Nov 30)