Ask Your Question

Revision history [back]

cannot add details in info column

hi,

I'm implementing wireshark native dissector plugins on top of company internal dissector which is embedded in a customized version of wireshark itself. Let's call it protocol ABC. I don't have the sources of this dissector. So I took the opensource wireshark version this internal version is relying on, build in this environment and load the libraries in user plugins folder.

The company internal dissector is on top of ethernet. A dissector table is defined, let's say abc.messageid and I associate each dissector to a different messageid. It may not be the best option, but it works. Let's take an example with dissector "def".

I'm trying to add packet name in the Info column, but I have some difficulties. What I mean is that the Info column does not display the according text as expected (hereunder "def"). If I right-click on my "def" message and use "apply as column", the text auto-magically appears in the Info column and I have a new "def" column (that I don't really want). I can then hide this column and share the corresponding preferences with my users, but it's not very convenient. I want the message name to be displayed in the Info column without any "advanced" configuration.

I used g_warn "debug" instructions to check how many times the dissect_def function is invoked (it is invoked twice), I also debugged the program in the debugger to check whether the second invocation would "erase" the first "pass" invocation but it never appears when my preferences are clean (understand full removed).

Here is the involved piece of code:

static int
dissect_def(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree _U_, void *data _U_)
{
    guint offset = 0;

    col_clear(pinfo->cinfo, COL_INFO);
    col_add_fstr(pinfo->cinfo, COL_INFO, "def");
...

There is probably something obvious I missed, but any advice from experts would help.

Thank you,

yohann