Wireshark mailing list archives
Re: [Wireshark-commits] master 8d65ccf: Show answers a line at a time, after the request frame and time delta.
From: Guy Harris <guy () alum mit edu>
Date: Wed, 25 Dec 2019 13:49:53 -0800
On Dec 25, 2019, at 1:35 PM, Maynard, Chris <Christopher.Maynard () IGT com> wrote:
On Dec 25, 2019, at 3:19 PM, Guy Harris <guy () alum mit edu> wrote:And, given that, is there any need to show the full text in the top-level item?Well, showing the full text allows for full "Copy -> Value" to continue to work, and including the full text in a single "whos.answer" should, in theory at least, allow for pattern matching with the matches operator across lines, which the current implementation no longer allows.
What's displayed to in the packet details pane and what's the value of the field from the point of view of Copy > Value
and of operators testing the field value aren't necessarily the same. (From the internal point of view, a field_info
structure:
typedef struct field_info {
header_field_info *hfinfo; /**< pointer to registered field information */
gint start; /**< current start of data in field_info.ds_tvb */
gint length; /**< current data length of item in field_info.ds_tvb */
gint appendix_start; /**< start of appendix data */
gint appendix_length; /**< length of appendix data */
gint tree_type; /**< one of ETT_ or -1 */
guint32 flags; /**< bitfield like FI_GENERATED, ... */
item_label_t *rep; /**< string for GUI tree */
tvbuff_t *ds_tvb; /**< data source tvbuff */
fvalue_t value;
} field_info;
has a "rep" field, showing the "string for GUI tree" (or for the output of tshark -V, or...), and a "value" field,
storing the field value.
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives: https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Re: [Wireshark-commits] master 8d65ccf: Show answers a line at a time, after the request frame and time delta. Maynard, Chris via Wireshark-dev (Dec 25)
- Re: [Wireshark-commits] master 8d65ccf: Show answers a line at a time, after the request frame and time delta. Guy Harris (Dec 25)
- Re: [Wireshark-commits] master 8d65ccf: Show answers a line at a time, after the request frame and time delta. Maynard, Chris via Wireshark-dev (Dec 25)
- Re: [Wireshark-commits] master 8d65ccf: Show answers a line at a time, after the request frame and time delta. Guy Harris (Dec 25)
- Re: [Wireshark-commits] master 8d65ccf: Show answers a line at a time, after the request frame and time delta. Maynard, Chris via Wireshark-dev (Dec 25)
- Re: [Wireshark-commits] master 8d65ccf: Show answers a line at a time, after the request frame and time delta. Guy Harris (Dec 25)
- Re: [Wireshark-commits] master 8d65ccf: Show answers a line at a time, after the request frame and time delta. Maynard, Chris via Wireshark-dev (Dec 25)
- Re: [Wireshark-commits] master 8d65ccf: Show answers a line at a time, after the request frame and time delta. Maynard, Chris via Wireshark-dev (Dec 25)
- Re: [Wireshark-commits] master 8d65ccf: Show answers a line at a time, after the request frame and time delta. Guy Harris (Dec 25)