On Wed, 3 Apr 2002, Guy Harris wrote:
> The right way to export that information is, as noted in earlier mail,
> to add a routine to "epan/proto.c" that takes, as an argument, a "const
> char *" pointing to the name of a field, and returns either
>
> a "header_field_info" pointer for that field, if such a field
> exists;
>
> a null pointer, if it doesn't.
>
> The simplest implementation would just do a linear search through all
> registered header fields, using a loop similar to the loop in
> "proto_registrar_dump()", searching for a field whose "name" field
> matches the specified one.
>
I have made a routine in epan/proto.c that takes in a const char *
pointing to a name of a field (eg "tcp.seq").
The routine finds the "hf_" number of the field, then uses
proto_registrar_get_nth()
with this number as the argument to return a header_field_info pointer.
Now I have enough information to access the data I require, right?
I loop through all packets, using a loop like the one in "print_packets"
in file.c
Now I am not sure exactly how I reference the data I want. Assuming I
have called my routine to get the header_field_info pointer, and I call
this pointer "*ptr"
Do i construct the tree using:
---------------------------------------------------
protocol_tree = proto_tree_create_root();
edt = epan_dissect_new(true,true);
/* How do I retrieve my data here?, in this case the tcp sequence
* number? I have the pointer, *ptr, found using
* proto_registrar_get_nth(x);
* where x is the "hf_" number of the field
*/
protocol_tree_free(protocol_tree);
-----------------------------------------------------
I must be missing somthing really simple here (i hope).
Thanks
--
Phil Williams
e-mail to csypbw@xxxxxxxxxxxxxxxx
