Wireshark-users: Re: [Wireshark-users] when using tshark -T, the result xml is not exactly the sa
damker <damker@...> writes:
> When using tshark -T pdml and protocol is BSSAP,there is different node:
>
> But in whireshark there is not:
Apparently -T pdml prints all the hidden fields as well, even if Wireshark isn't
configured to display them. You can allow Wireshark to display the hidden
fields by enabling it via Edit -> Preferences -> Protocols -> "Display hidden
protocol items".
This seems like a bug to me in that -T pdml should not be displaying hidden
fields if Wireshark is not configured to display them. Feel free to file a bug
report for this.
But the question I had to ask myself was, "Why is the BSSAP dissector displaying
this as a hidden item in the first place?" i.e., why do the following in
dissect_bssap():
/*
* create the bssap protocol tree
*/
hidden_item = proto_tree_add_item(tree, proto_bssap, tvb, 0, -1, ENC_NA);
PROTO_ITEM_SET_HIDDEN(hidden_item);
bssap_item = proto_tree_add_text(tree, tvb, 0, -1, (bssap_or_bsap_global ==
BSSAP) ? "BSSAP" : "BSAP");
I believe the only reason was because the author wasn't sure how else to display
"BSSAP" vs. "BSAP", but this is easy to do using
proto_tree_add_protocol_format(). I've committed a change in r44509 to fix
this. This also has the benefit that the "Protocol Preferences ..." menu item
works now as it should.
- Chris
