Re: What ftypes are "compatible" enough for duplicate fields?

[Guy Harris <guy () alum mit edu>]

On Feb 21, 2014, at 12:08 PM, Hadriel Kaplan <hadriel.kaplan () oracle com> wrote:

> Also, FT_IPv4 and FT_IPv6 are frequently in duplicate fields.  Should they be/not-be?  Display filter 
> input/verification might have issues with it, but it seems logical to have generic "foo.src"/"foo.dst"/etc. fields of 
> both types.

The one place where we're doing that with ".src" and ".dst" is in the PGM dissector; in, for example, a Source Path 
Message, there's a field specifying the Address Family Indicator (AFI) for the source address and another specifying 
the address, which could be IPv4, IPv6, or, in theory, a number of other types.

If we support, for example, "pgm.nak.src == 127.0.0.1" and "pgm.nak.src == ::1", with the former failing for an IPv6 
pgm.nak.src and the latter failing for an IPv4 pgm.nak.src, that might work - if we do "pgm.nak.src == hostname", I'd 
be tempted to have that match either hostname's IPv4 or IPv6 addresses (and, if it has multiple IPv4 or IPv6 addresses, 
matching any of them, if we don't already do that).
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe