Is it possible to load an xml file to a custom plugin c dissector?

edit

In general, you can add any proto items as many times as you like, simply use a different tree pointer.

i have it like that:

static int iol_timestamp(tvbuff_t *tvb)
{
    nstime_t time;

    /* get timestamp */
    times.secs = tvb_get_guint64(tvb, 3, ENC_LITTLE_ENDIAN) / 1000000000ULL;
    times.nsecs = tvb_get_guint64(tvb, 3, ENC_LITTLE_ENDIAN) % 1000000000ULL;

    return time;
}

static int iol_master(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, guint32 offset)
{
    proto_item *iol_master_item = NULL;
    proto_tree *iol_master_tree = NULL;
    nstime_t time;

    /* add tree for actual iolink data (master command, check type) */ 

    iol_master_item = proto_tree_add_item(tree, proto_iolink, tvb, offset, 2, ENC_NA);
    proto_item_append_text(iol_master_item, " M-sequence [Master]");

    /* create a subtree */

    iol_master_tree = proto_item_add_subtree(iol_master_item, ett_iolink_frame);

    /* add bitmask for master command byte -> |r/w (7)| |communication channel (6,5)| |address (4-0)| */

    proto_tree_add_bitmask(iol_master_tree, tvb, offset, hf_iolink_mc, ett_iolink_frame, hf_iolink_mc_bits, ENC_LITTLE_ENDIAN);

    **time = iol_timestamp(tvb);
    proto_tree_add_time(iol_master_tree, hf_iolink_time, tvb, offset, 8, &time);**

    offset += 1; // increment offset (1byte)
...
return offset;
}

but like this no timestamp is displayed beneath the master command bitfield.

So you suggest just to create one more tree pointer, am i getting this right?

iol_timestamp() should return nstime_t, not an int. The rest looks OK.

yes sure nstime_t instead of int i already changed this in my code. thanks. I will try it again and see if it works.

Maybe heading to be another question now.

now it works fine, don't know why it didn't work before...i'm getting back to work on loading the xml. thanks and have a nice weekend!

An int is much smaller than an nstime_t so the return value was truncated. I'm surprised there wasn't a compiler warning.

sorry my mistake, there was a compiler warning and i changed the int to nstime_t before you mentioned, i just didn't tell you that. I don't know why it wasn't displayed in the first try but after the second it did.

I hope its okay to ask a second question here.

It's best to ask each question separately. This is a Q&A site, not a forum - it's best to think of a Q&A site as a "crowdsourced FAQ", in which each question is a separate item, and users can search for existing answers to their questions before asking (if you can get an answer without asking the question, you get the answer immediately, rather than having to wait for a reply).