On Thu, Feb 06, 2003 at 09:55:52AM -0500, Jason House wrote:
> The best answers are sometimes by example.
> You have two approaches:
> One way is you can do the approach of tap-iostat.c
> The only trick there becomes adding what you want to the filter
> string...
No, he'd need more than that. He wants to extract a particular protocol
field, so he'd actually have to use edt->tree.
That's a bit of work. The closest thing to an example of that is the
"proto_hier_stats.c" code; "process_tree()", and the routines it calls,
give somewhat of an example of what would be done.
If, for example, he wanted the SSRC field from RTP, he'd have to:
1) get the "header_field_info *" values for the "rtp.ssrc"
field, and for the "rtp" protocol field, using
"proto_registrar_get_byname()",
2) have his code loop through all the top-level protocol nodes
in the "edt->tree" tree, starting with
"g_node_first_child(edt->tree)" and iterating using
"g_node_next_sibling()", getting the "field_info *" for the
node with "PITEM_FINFO()" and looking for nodes where the
"hfinfo" member of that node is equal to the pointer to the
"header_field_info *" for "rtp";
3) when it finds one of those nodes, do a recursive walk of the
subtree whose root node is that node, looking for nodes where
the "hfinfo" member of that node is the "header_field_info *"
value for "rtp.ssrc";
4) when that node is found, use "fvalue_get_integer()" to get
the value of that node, passing it the "value" member of that
node.