Re: Filter expression aliases and parameterization ...

[Simon Barber via Wireshark-dev <wireshark-dev () wireshark org>]

I'd love to be able to add these, for example instead of writing

wlan.fc.type_subtype == 0x19

write

wlan.beacon

Simon

On Wed, Nov 8, 2017 at 12:27 AM, Richard Sharpe <realrichardsharpe () gmail com
> wrote:

> Hi folks,
>
> At SharkFest Europe someone asked me about the possibility of the
> filter expressions in the SMB2 dissector being prefixed with smb2 or
> smb3.
>
> That is: smb2.flags.replay or smb3.flags.replay.
>
> In addition, when I use dissector functions (through a dissector
> table) from another protocol, I would like to be able to replace some
> prefix of it's filter expressions.
>
> For example, in packet-ieee1905.c I call dissect_wps_tlvs but I would
> like to change the strings "wps.*" with "ieee1905.*".
>
> I am thinking of adding an ability to specify a replacement string in
> the handling of filter expressions.
>
> Can anyone think of another way of doing this?
>
> --
> Regards,
> Richard Sharpe
> (何以解憂？唯有杜康。--曹操)
> ____________________________________________________________
> _______________
> Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> Archives:    https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request () wireshark org?subject=
> unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe