Wireshark mailing list archives
Re: Display filter implementation
From: Gilbert Ramirez <gram () alumni rice edu>
Date: Wed, 4 Jul 2012 06:20:02 -0700
There is a makefile target called dftest that is used to test the display filter engine. Its dependencies are the minimal set of dependencies you need. Gilbert On Jul 4, 2012 3:18 AM, "Lloyd" <lloydkl.tech () gmail com> wrote:
On Wed, Jul 4, 2012 at 12:05 AM, Guy Harris <guy () alum mit edu> wrote:On Jul 2, 2012, at 8:12 AM, Lloyd wrote:I would like to know more about Wireshark display filters. Is its internals are documented? Especially the display filter execution virtual machine's instruction set. I saw the instructions (Byte code) in the source tree, I would like to know more about it, any documentation available?None other than the source code and whatever comments are in it. Note that we make no guarantee that any detail of the implementation isfixed and unchanging, so the way it works internally now might not be the way it works internally in the future. (We should preserve the way it works for users, modulo fixing bugs and making extensions and perhaps dealing better with character encodings.) I'm not *anticipating* major changes; I'm just saying you shouldn't depend on, for example, the byte code never changing in an incompatible fashion.)___________________________________________________________________________Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe Thanks Guy Harris. Would like to know one more thing, is it possible to build display filter module alone in the Windows environment? If not in Windows at least in Linux? Does it has complex dependencies? Thanks, Lloyd ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org ?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Display filter implementation Lloyd (Jul 02)
- Re: Display filter implementation Guy Harris (Jul 03)
- Re: Display filter implementation Lloyd (Jul 04)
- Re: Display filter implementation Gilbert Ramirez (Jul 04)
- Re: Display filter implementation Lloyd (Jul 04)
- Re: Display filter implementation Lloyd (Jul 04)
- Re: Display filter implementation Guy Harris (Jul 03)