A protocol tree will hold all necessary data to display the whole dissected packet.
Creating a protocol tree is done in a two stage process:
A static part at program startup, and a dynamic part when the dissection with the real packet data is done.<BR>
- The "static" information is provided by creating a hf_register_info hf[] array, and register it using the
+ The "static" information is provided by creating a hf_register_info hf[] array, and register it using the
proto_register_field_array() function. This is usually done at dissector registering.<BR>
- The "dynamic" information is added to the protocol tree by calling one of the proto_tree_add_...() functions,
+ The "dynamic" information is added to the protocol tree by calling one of the proto_tree_add_...() functions,
e.g. proto_tree_add_bytes().
*/
/** Structure for information about a protocol */
typedef struct _protocol protocol_t;
-
+
/** check protocol activation
* @todo this macro looks like a hack */
#define CHECK_DISPLAY_AS_X(x_handle,index, tvb, pinfo, tree) { \
__DISSECTOR_ASSERT (expression, __FILE__, __LINE__)))
#if 0
-/* win32: using a debug breakpoint (int 3) can be very handy while debugging,
+/* win32: using a debug breakpoint (int 3) can be very handy while debugging,
* as the assert handling of GTK/GLib is currently not very helpful */
#define DISSECTOR_ASSERT(expression) \
{ if(!(expression)) _asm { int 3}; }
file, lineno, __DISSECTOR_ASSERT_STRINGIFY(expression))))
/* BASE_STRUCTURE_RESET constant is used in proto.c to reset the bits
- * identifying special structures used in translation of value for display.
+ * identifying special structures used in translation of value for display.
* Its value means that we may have at most 16 base_display_e values */
#define BASE_STRUCTURE_RESET 0x0F
/* Following constants have to be ORed with a base_display_e when dissector
/** information describing a header field */
struct _header_field_info {
/* ---------- set by dissector --------- */
- const char *name; /**< full name of this field */
- const char *abbrev; /**< abbreviated name of this field */
- enum ftenum type; /**< field type, one of FT_ (from ftypes.h) */
- int display; /**< one of BASE_, or number of field bits for FT_BOOLEAN */
- const void *strings; /**< value_string, range_string or true_false_string,
- typically converted by VALS(), RVALS() or TFS().
- If this is an FT_PROTOCOL then it points to the
- associated protocol_t structure */
- guint32 bitmask; /**< bitmask of interesting bits */
- const char *blurb; /**< Brief description of field */
+ const char *name; /**< full name of this field */
+ const char *abbrev; /**< abbreviated name of this field */
+ enum ftenum type; /**< field type, one of FT_ (from ftypes.h) */
+ int display; /**< one of BASE_, or number of field bits for FT_BOOLEAN */
+ const void *strings; /**< value_string, range_string or true_false_string,
+ typically converted by VALS(), RVALS() or TFS().
+ If this is an FT_PROTOCOL then it points to the
+ associated protocol_t structure */
+ guint32 bitmask; /**< bitmask of interesting bits */
+ const char *blurb; /**< Brief description of field */
/* ------- set by proto routines (prefilled by HFILL macro, see below) ------ */
- int id; /**< Field ID */
- int parent; /**< parent protocol tree */
- hf_ref_type ref_count; /**< is this field referenced by a filter */
- int bitshift; /**< bits to shift */
+ int id; /**< Field ID */
+ int parent; /**< parent protocol tree */
+ hf_ref_type ref_type; /**< is this field referenced by a filter */
+ int bitshift; /**< bits to shift */
header_field_info *same_name_next; /**< Link to next hfinfo with same abbrev */
header_field_info *same_name_prev; /**< Link to previous hfinfo with same abbrev */
};
/** Used when registering many fields at once, using proto_register_field_array() */
typedef struct hf_register_info {
- int *p_id; /**< written to by register() function */
- header_field_info hfinfo; /**< the field info to be registered */
+ int *p_id; /**< written to by register() function */
+ header_field_info hfinfo; /**< the field info to be registered */
} hf_register_info;
/** Contains the field information for the proto_item. */
typedef struct field_info {
- header_field_info *hfinfo; /**< pointer to registered field information */
- gint start; /**< current start of data in field_info.ds_tvb */
- gint length; /**< current data length of item in field_info.ds_tvb */
- gint appendix_start; /**< start of appendix data */
- gint appendix_length; /**< length of appendix data */
- gint tree_type; /**< one of ETT_ or -1 */
- item_label_t *rep; /**< string for GUI tree */
- guint32 flags; /**< bitfield like FI_GENERATED, ... */
- tvbuff_t *ds_tvb; /**< data source tvbuff */
- fvalue_t value;
+ header_field_info *hfinfo; /**< pointer to registered field information */
+ gint start; /**< current start of data in field_info.ds_tvb */
+ gint length; /**< current data length of item in field_info.ds_tvb */
+ gint appendix_start; /**< start of appendix data */
+ gint appendix_length; /**< length of appendix data */
+ gint tree_type; /**< one of ETT_ or -1 */
+ item_label_t *rep; /**< string for GUI tree */
+ guint32 flags; /**< bitfield like FI_GENERATED, ... */
+ tvbuff_t *ds_tvb; /**< data source tvbuff */
+ fvalue_t value;
} field_info;
* shuffle the expert information upward; see below.
*/
-/** The protocol field should not be shown in the tree (it's used for filtering only),
+/** The protocol field should not be shown in the tree (it's used for filtering only),
* used in field_info.flags. */
/* HIDING PROTOCOL FIELDS IS DEPRECATED, IT'S CONSIDERED TO BE BAD GUI DESIGN! */
#define FI_HIDDEN 0x00000001
/** The protocol field is actually a URL */
#define FI_URL 0x00000004
-
/** convenience macro to get field_info.flags */
-#define FI_GET_FLAG(fi, flag) (fi->flags & flag)
+#define FI_GET_FLAG(fi, flag) ((fi) ? (fi->flags & flag) : 0)
/** convenience macro to set field_info.flags */
-#define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag)
+#define FI_SET_FLAG(fi, flag) ((fi) ? (fi->flags = fi->flags | flag) : 0)
/** One of these exists for the entire protocol tree. Each proto_node
* in the protocol tree points to the same copy. */
typedef struct {
GHashTable *interesting_hfids;
gboolean visible;
+ gboolean fake_protocols;
gint count;
} tree_data_t;
#define PTREE_DATA(proto_tree) ((proto_tree)->tree_data)
/** Sets up memory used by proto routines. Called at program startup */
-extern void proto_init(void (register_all_protocols_func)(register_cb cb, gpointer client_data),
- void (register_all_handoffs_func)(register_cb cb, gpointer client_data),
+extern void proto_init(void (register_all_protocols_func)(register_cb cb, gpointer client_data),
+ void (register_all_handoffs_func)(register_cb cb, gpointer client_data),
register_cb cb, void *client_data);
/** This function takes a tree and a protocol id as parameter and
will return TRUE/FALSE for whether the protocol or any of the filterable
fields in the protocol is referenced by any fitlers.
- If this function returns FALSE then it is safe to skip any
+ If this function returns FALSE then it is safe to skip any
proto_tree_add_...() calls and just treat the call as if the
dissector was called with tree==NULL.
If you reset the tree to NULL by this dissector returning FALSE,
* in the item is relative to the beginning of the data source tvbuff,
* we need to pass in a tvbuff.
@param ti the item to set the length
- @param tvb end is relative to this tvbuff
+ @param tvb end is relative to this tvbuff
@param end this end offset is relative to the beginning of tvb
@todo make usage clearer, I don't understand it!
*/
By setting this correctly, the proto_tree creation is sped up by not
having to call g_vsnprintf and copy strings around.
@param tree the tree to be set
- @param visible ... or not */
-extern void
+ @param visible ... or not
+ @return the old value */
+extern gboolean
proto_tree_set_visible(proto_tree *tree, gboolean visible);
+/** Indicate whether we should fake protocols during dissection (default = TRUE)
+ @param tree the tree to be set
+ @param fake_protocols TRUE if we should fake protocols */
+extern void
+proto_tree_set_fake_protocols(proto_tree *tree, gboolean fake_protocols);
+
/** Mark a field/protocol ID as "interesting".
@param tree the tree to be set
@param hfid the interesting field id
@param ... printf like parameters
@return the newly created item */
extern proto_item *
-proto_tree_add_debug_text(proto_tree *tree, const char *format,
+proto_tree_add_debug_text(proto_tree *tree, const char *format,
...) GNUC_FORMAT_CHECK(printf,2,3);
/** Fill given label_str with string representation of field
@param fi the item to get the info from
- @param label_str the string to fill
+ @param label_str the string to fill
@todo think about changing the parameter profile */
extern void
proto_item_fill_label(field_info *fi, gchar *label_str);
/** Register a new protocol.
@param name the full name of the new protocol
@param short_name abbreviated name of the new protocol
- @param filter_name protocol name used for a display filter string
+ @param filter_name protocol name used for a display filter string
@return the new protocol handle */
extern int
proto_register_protocol(const char *name, const char *short_name, const char *filter_name);
extern const char *proto_get_protocol_long_name(protocol_t *protocol);
/** Is protocol's decoding enabled ?
- @param protocol
+ @param protocol
@return TRUE if decoding is enabled, FALSE if not */
extern gboolean proto_is_protocol_enabled(protocol_t *protocol);
/** Points to the first element of an array of Booleans, indexed by
a subtree item type. That array element is TRUE if subtrees of
- an item of that type are to be expanded. With MSVC and a
+ an item of that type are to be expanded. With MSVC and a
libwireshark.dll, we need a special declaration. */
WS_VAR_IMPORT gboolean *tree_is_expanded;
-/** Number of elements in the tree_is_expanded array. With MSVC and a
+/** Number of elements in the tree_is_expanded array. With MSVC and a
* libwireshark.dll, we need a special declaration. */
WS_VAR_IMPORT int num_tree_types;
extern guchar
proto_check_field_name(const gchar *field_name);
+
+/** Check if given string is a valid field name
+ @param field_id the field id used for custom column
+ @param result the buffer to fill with the field string
+ @param expr the filter expression
+ @param aize the size of the string buffer */
+const gchar *
+proto_custom_set(proto_tree* tree, int field_id,
+ gchar *result,
+ gchar *expr, int size );
+
#ifdef __cplusplus
}
#endif /* __cplusplus */
git.samba.org / obnox / wireshark / wip.git / blobdiff