Wireshark-commits: [Wireshark-commits] master 91bbc58: elastic: make fields all the same.
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=91bbc584022eb8288a8b124f2f247749843cc10e
Submitter: "Dario Lombardo <lomato@xxxxxxxxx>"
Changed: branch: master
Repository: wireshark
Commits:
91bbc58 by Dario Lombardo (lomato@xxxxxxxxx):
elastic: make fields all the same.
The outputs of -T ek and -G elastic-mapping don't match. To be effective
the fields in the mapping report and the fields in the traffic output must
be the same.
2 issues have been fixed. The elastic-mapping requires the parent protocol
to be prepended to the field to match the traffic output. The field "dns.a"
has been changed to "dns_dns_a".
The traffic output prints some fields with a leading "text_". This happens
for some fields that have been created under a text-only field. One example
is "dns.a", which was printed as "text_dns_a". This has been fixed by accessing
the parent hfinfo resulting in "dns_dns_a" as other fields for the dns
protocol.
Bug: 15759
Change-Id: Ibd000c865102ca49bb6a6394019a475483eae4cc
Reviewed-on: https://code.wireshark.org/review/33099
Petri-Dish: Dario Lombardo <lomato@xxxxxxxxx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Eneko Gómez <eneko.gomez.tecnalia@xxxxxxxxx>
Reviewed-by: Dario Lombardo <lomato@xxxxxxxxx>
Actions performed:
from 07aa2a8 docsis: fix for encrypted DOCSIS PDU packets do not match the filter 'eth.dst'
add 91bbc58 elastic: make fields all the same.
Summary of changes:
epan/print.c | 8 +-
epan/proto.c | 2 +-
test/baseline/dhcp.ek | 16 +-
test/baseline/elastic-mapping-ip-subset.json | 315 +++++++++++++++++++++++++--
test/suite_clopts.py | 1 +
5 files changed, 305 insertions(+), 37 deletions(-)