Wireshark mailing list archives
Re: changing the time
From: Evan Huus <eapache () gmail com>
Date: Wed, 30 Jan 2013 07:44:04 -0500
You can add the new timestamp as a regular dissected field. Wireshark allows you to create columns out of arbitrary fields in dissected packets. Cheers, Evan On Wed, Jan 30, 2013 at 4:51 AM, Natalie Shapira <nd1234 () gmail com> wrote:
Anyway, you gave me other idea. What about making new column of my_timestamp and sort by that column... Do I have the ability to add a new column from a dissector? On Wed, Jan 30, 2013 at 11:46 AM, Natalie Shapira <nd1234 () gmail com> wrote:I have no choice. It's a workaround for a hardware bug. On Wed, Jan 30, 2013 at 11:05 AM, Anders Broman <anders.broman () ericsson com> wrote:Hi, Those are the timestamps of packet arrival there should be no need to change them from a dissector - sounds like a bad idea to me. Regards Anders ________________________________ From: wireshark-dev-bounces () wireshark org [mailto:wireshark-dev-bounces () wireshark org] On Behalf Of Natalie Shapira Sent: den 30 januari 2013 09:16 To: wireshark-dev () wireshark org Subject: [Wireshark-dev] changing the time Hi everybody, It's my first question so, nice to meet you! I'm writing new dissector (plugin). I want to change the time of the packet. I tried to change pinfo->fd->rel_ts.secs and pinfo->fd->rel_ts.nsecs. It looks like I did it BUT, after sorting, not all packets are in the exact place. Do you have an example, idea or any recommendation? Thanks, Natalie. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- changing the time Natalie Shapira (Jan 30)
- Re: changing the time Anders Broman (Jan 30)
- Re: changing the time Natalie Shapira (Jan 30)
- Re: changing the time Natalie Shapira (Jan 30)
- Re: changing the time Evan Huus (Jan 30)
- Re: changing the time Natalie Shapira (Jan 30)
- Re: changing the time Martin Mathieson (Jan 31)
- Re: changing the time Natalie Shapira (Jan 31)
- Re: changing the time Natalie Shapira (Jan 30)
- Re: changing the time Anders Broman (Jan 30)