I have been facing this issue for a very long time. I have a field (an integer) which is 00 00 24 20 in the byte stream. When I try to display it as decimal in my dissector, it shoes an incorrect value. That is because I want the dissector to take the value as 02 24 00 00 instead. Basically, I want the reverse order.
How to display in that way?? How to use htonl/ntohl etc in the code.
asked 26 Jul '11, 04:43
Also: see the final 'encoding' argument of
Note well (again from README.developer):
Don't fetch a little-endian value using "tvb_get_ntohs() or "tvb_get_ntohl()" and then using "g_ntohs()", "g_htons()", "g_ntohl()", or "g_htonl()" on the resulting value - the g_ routines in question convert between network byte order (big-endian) and host byte order, not little-endian byte order; not all machines on which Wireshark runs are little-endian, even though PCs are. Fetch those values using "tvb_get_letohs()" and "tvb_get_letohl()".
answered 26 Jul '11, 07:04
Bill Meier ♦