IMO, yes, most of the occurences of hidden fields are bad.
The reason I added hidden fields was to deal with the addresses in the
FDDI dissector. There the possibility exists that the MAC addresses
are bit-swapped in the packet, so one version is put into the tree
visibly, while the bit-swapped version is put into the proto_tree
hidden.
--gilbert
On 7/8/05, Ulf Lamping <ulf.lamping@xxxxxx> wrote:
>
> Hi List!
>
> I'm currently looking at the checksum protocol fields. For example, the TCP checksum will usually look like:
>
> Checksum: 0x5424 [correct]
>
> and if it's bad:
>
> Checksum: 0x5424 [incorrect, should be 0x1234]
>
> In this case, a hidden boolean field is added to be able to filter on this item (e.g. to see only "bad checksummed" packets).
>
> Question: Why do we hide this field at all?
>
> I don't see any good reason to hide this (and alike) fields. If someone wants to use it, he must *know* that it's available and must *know* it's name. This doesn't seem to be very intuitive.
>
> Is there any reason I'm too blind to see?
>
> IMO this field should be visible and marked as generated, so it will look like: [Bad Checksum: True]
>
> Regards, ULFL
>
> P.S: The same *may* apply to most (all?) other hidden fields as well?!?
> _________________________________________________________________________
> Mit der Gruppen-SMS von WEB.DE FreeMail können Sie eine SMS an alle
> Freunde gleichzeitig schicken: http://freemail.web.de/features/?mc=021179
>
>
>
> _______________________________________________
> Ethereal-dev mailing list
> Ethereal-dev@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-dev
>
>