Wireshark-dev: Re: [Wireshark-dev] Using col_set_str(pinfo->cinfo, COL_PROTOCOL, "some_string")
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: "Darien Spencer" <cusneud@xxxxxxxx>
Date: Sat, 1 Jul 2017 19:20:07 +0200
The protocol filter isn't based on the value in the protocol column.
Instead it's based on the value given to the protocol registration method 'proto_register_protocol'
Look at the example here:
https://www.wireshark.org/docs/wsdg_html_chunked/ChDissectAdd.html
the filter will be 'foo' since the 3rd argument to this method is 'foo'.
Did you use 'some_string' there as well?
 
Darien 
 
Sent: Saturday, July 01, 2017 at 6:30 PM
From: "Richard Sharpe" <realrichardsharpe@xxxxxxxxx>
To: "Developer support list for Wireshark" <wireshark-dev@xxxxxxxxxxxxx>
Subject: [Wireshark-dev] Using col_set_str(pinfo->cinfo, COL_PROTOCOL, "some_string") but cannot filter on some_string
Hi folks,

In a sub-dissector I am writing I have the following:

col_set_str(pinfo->cinfo, COL_PROTOCOL, "some_string");

The sub-dissector is called from the 802.11 dissector and calls itself
wlan frames.

Everything builds and the particular frames of interest show up as
"some_string" in the Protocol column, but I cannot filter on
some_string. No frames/packets show up. However, if I filter on wlan
the packets show up, and if I filter on fields in the packets labeled
"some_string.some_other_string" the packets show up.

Is there something more I need to do to make this work?

--
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives: https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe