Wireshark - 0.99.7 User's Guide Page 121

    },
    { &hf_foo_endflag,
        { "FOO PDU End Flags", "foo.flags.end",
        FT_BOOLEAN, 8,
        NULL, FOO_END_FLAG,
        NULL, HFILL }
    },
    { &hf_foo_priorityflag,
        { "FOO PDU Priority Flags", "foo.flags.priority",
        FT_BOOLEAN, 8,
        NULL, FOO_PRIORITY_FLAG,
        NULL, HFILL }
    },
...
    proto_tree_add_item(foo_tree, hf_foo_flags, tvb, offset, 1, FALSE);
    proto_tree_add_item(foo_tree, hf_foo_startflag, tvb, offset, 1, FALSE);
    proto_tree_add_item(foo_tree, hf_foo_endflag, tvb, offset, 1, FALSE);
    proto_tree_add_item(foo_tree, hf_foo_priorityflag, tvb, offset, 1, FALSE);
    offset += 1;
Some things to note here. For the flags, as each bit is a different flag, we use the type
FT_BOOLEAN, as the flag is either on or off. Second, we include the flag mask in the 7th field of
the data, which allows the system to mask the relevant bit. We've also changed the 5th field to 8, to
indicate that we are looking at an 8 bit quantity when the flags are extracted. Then finally we add the
extra constructs to the dissection routine. Note we keep the same offset for each of the flags.
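A stand-alone C model of what the mask does for the flag fields above, added here as an illustration; it is not code from the guide or from Wireshark. The flag values, the flags offset and the display text are assumptions (their definitions are not on this page), and the length check is there because the packet bytes are untrusted input.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed values: this page uses the names but does not show the definitions. */
#define FOO_START_FLAG    0x01
#define FOO_END_FLAG      0x02
#define FOO_PRIORITY_FLAG 0x04
#define FLAGS_OFFSET      1   /* assumed: flags octet follows the type octet */

/* Render the 8-bit quantity with bits outside the mask shown as '.',
 * e.g. ".... ..1."; buf must hold at least 10 bytes. */
static const char *bitfield_str(uint8_t octet, uint8_t mask, char *buf)
{
    int pos = 0;
    for (int bit = 7; bit >= 0; bit--) {
        uint8_t b = (uint8_t)(1u << bit);
        buf[pos++] = (mask & b) ? ((octet & b) ? '1' : '0') : '.';
        if (bit == 4)
            buf[pos++] = ' ';
    }
    buf[pos] = '\0';
    return buf;
}

/* Model of an FT_BOOLEAN field with a bitmask: the flag is true iff the
 * masked bit is set. Returns -1 when the untrusted packet is too short to
 * contain the flags octet, otherwise 0 or 1 with a display line in `line`. */
static int foo_flag(const uint8_t *pkt, size_t len, uint8_t mask,
                    const char *name, char *line, size_t line_len)
{
    char bits[10];
    if (len <= FLAGS_OFFSET)
        return -1;
    uint8_t octet = pkt[FLAGS_OFFSET];   /* same offset for every flag */
    int set = (octet & mask) != 0;
    snprintf(line, line_len, "%s = %s: %s",
             bitfield_str(octet, mask, bits), name, set ? "True" : "False");
    return set;
}

int main(void)
{
    const uint8_t pkt[] = { 0x03, 0x05 };   /* constructed: type 3, flags 0x05 */
    char line[64];
    foo_flag(pkt, sizeof pkt, FOO_END_FLAG, "FOO PDU End Flags", line, sizeof line);
    puts(line);
    return 0;
}
```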
This is starting to look fairly full featured now, but there are a couple of other things we can do to
make things look even more pretty. At the moment our dissection shows the packets as "Foo Protocol"
which whilst correct is a little uninformative. We can enhance this by adding a little more detail.
First, let's get hold of the actual value of the protocol type. We can use the handy function
tvb_get_guint8 to do this. With this value in hand, there are a couple of things we can do. First we
can set the INFO column of the non-detailed view to show what sort of PDU it is - which is extremely
helpful when looking at protocol traces. Second, we can also display this information in the
dissection window.
Example 9.13. Enhancing the display.
static void
dissect_foo(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
    guint8 packet_type = tvb_get_guint8(tvb, 0);

    if (check_col(pinfo->cinfo, COL_PROTOCOL)) {
        col_set_str(pinfo->cinfo, COL_PROTOCOL, "FOO");
    }
    /* Clear out stuff in the info column */
    if (check_col(pinfo->cinfo, COL_INFO)) {
        col_clear(pinfo->cinfo, COL_INFO);
    }
    if (check_col(pinfo->cinfo, COL_INFO)) {
        col_add_fstr(pinfo->cinfo, COL_INFO, "Type %s",
            val_to_str(packet_type, packettypenames, "Unknown (0x%02x)"));
    }

    if (tree) { /* we are being asked for details */
        proto_item *ti = NULL;
        proto_tree *foo_tree = NULL;
        gint offset = 0;

        ti = proto_tree_add_item(tree, proto_foo, tvb, 0, -1, FALSE);
        proto_item_append_text(ti, ", Type %s",
            val_to_str(packet_type, packettypenames, "Unknown (0x%02x)"));
        foo_tree = proto_item_add_subtree(ti, ett_foo);
        proto_tree_add_item(foo_tree, hf_foo_pdu_type, tvb, offset, 1, FALSE);
        offset += 1;
So here, after grabbing the value of the first 8 bits, we use it with one of the built-in utility routines,
val_to_str, to look up the value. If the value isn't found we provide a fallback which just prints the
value in hex. We use this twice, once in the INFO field of the columns - if it's displayed, and simil-