Wireshark mailing list archives

Re: Shard Output Format


From: Oliver-Tobias Ripka <otr () bockcay de>
Date: Fri, 13 Sep 2019 16:56:17 +0200

I guess so. For my use case I need to have the 1s and 0s (and in general
the format that will also work as a right hand display filter value)
like tshark formats it rather than the human readable form.

Reading through the proto_custom_set function in epan/proto.c it seems
that the change might have other side effects on other types than just 
booleans though.

All the best,

Oliver

According to Dario Lombardo on Fri, Sep 13 2019:

Won't that change the behavior of the whole system? Is that what you want?

On Fri, Sep 13, 2019 at 4:40 PM Oliver-Tobias Ripka <otr () bockcay de> wrote:

Hello Dario,

I'm doing "frames" requests.

After some debugging I found the following patch seems to do what
I want.


https://github.com/oripka/wireshark/commit/c9d39a54f4f182ef2784c660a6e51f4b6a782523

All the best,

Oliver


According to Dario Lombardo on Fri, Sep 13 2019:

Which sharkd commands are you using?

On Fri, Sep 13, 2019 at 1:23 PM Oliver-Tobias Ripka <otr () bockcay de>
wrote:

Hello List,

I am looking to influence the output format of the sharkd json.

For example tshark -T fields -e tcp.flags.syn, formats the flag as 0
or 1

Sharkd outputs "Set", "Not Set" similar to adding a column in the
Wireshark GUI. I was looking at the function sharkd_dissect_columns in
sharkd.c but couldn't directly find an option to change the formatting.

How can I influence the behaviour of sharkd to not resolve the values
into "Set" and "Not Set"?

All the best,

Oliver
--

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe



--

Naima is online.

