Ethereal-dev: Re: [Ethereal-dev] A question about the proto_tree_add_XXX

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Kelvin You <kelvin.sdc@xxxxxxxxx>
Date: Fri, 9 Dec 2005 17:51:18 +0800
So if I have a array of mac address need parser, and I don't need the display filter, I would better using  the first way ?

On 12/9/05, Guy Harris <gharris@xxxxxxxxx> wrote:
Kelvin You wrote:

>  We use
>         proto_tree_add_text(tree, tvb, offset,  6,  "MAC Address %d:
> %s",  index, ether_to_str(src_addr));
>  to add a formated text to the tree item.

Well, you also have to get "src_addr" in the first place:

       src_addr = tvb_get_ptr(tvb, offset, 6);

>  Also we can use:
> ...
>     static hf_register_info hf[] =
>     {
>         /* ----------     Demultiplex Layer    ------------- */
>         { &hf_xxx_macaddr,
>             { "MAC Address",          " xxx.macaddr",
>             FT_ETHER, BASE_NONE, NULL, 0x00,
>             "", HFILL }
>         },
>
> proto_tree_add_ether_format(tree, hf_xxx_macaddr, tvb, offset,  6,
> ether_to_str(src_addr), "MAC Address %d: %s",  index,
> ether_to_str(src_addr));

No.  You can, however, use

       src_addr = tvb_get_ptr(tvb, offset, 6);
       proto_tree_add_ether_format(tree, hf_xxx_macaddr, tvb, offset, 6,
src_addr, "MAC Address %d: %s", index, ether_to_str(src_addr));

You supply the raw MAC address as the value for hf_xxx_macaddr, not the
string generated from the MAC address.

> what's the difference between the two way?
> It seems the the second method have more redundancy. why not substitute
> the second way with the first one always ?

The first way puts an unnamed entry into the protocol tree; you cannot
write a display filter that matches packets where one of the MAC
addresses in the list happens to be equal to a particular value.  The
second way puts a *named* entry, so you can do

       xxx.macaddr == 00:00:08:00:00:0c

to match packets that have one of the "xxx.macaddr" fields equal to
00:00:08:00:00:0c.

If you have only *one* MAC address, rather than a *sequence* of them,
you could do

       proto_tree_add_item(tree, hf_xxx_macaddr, offset, 6, FALSE);

which has even less redundancy than the proto_tree_add_text() call - you
only specify "tvb" and "offset" once, and you don't specify "MAC
Address" or "ether_to_str()", or call "tvb_get_ptr()", at all.

If it's very common that people have arrays of identical items, we
could, I guess, add a "proto_tree_add_array_element_item()" or something
such as that - you'd also pass it "index", and it'd put the "%d" (or,
more likely, "%u") after the field name.

_______________________________________________
Ethereal-dev mailing list
Ethereal-dev@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-dev