https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3543
Summary: enhanced sFlow dissector
Product: Wireshark
Version: 1.2.0
Platform: x86
OS/Version: Mac OS X 10.5
Status: NEW
Severity: Enhancement
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: yiyu.inbox@xxxxxxxxx
Created an attachment (id=3123)
--> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=3123)
current progress on sFlow v5 dissector implementation
Build Information:
wireshark 1.2.0
Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GTK+ 2.16.1, with GLib 2.20.1, with libpcap 0.9.5, with libz
1.2.3, without POSIX capabilities, without libpcre, without SMI, without
c-ares,
without ADNS, without Lua, without GnuTLS, without Gcrypt, with MIT Kerberos,
without GeoIP, without PortAudio, without AirPcap.
NOTE: this build doesn't support the "matches" operator for Wireshark filter
syntax.
Running on Darwin 9.7.0 (MacOS 10.5.7), with libpcap version 0.9.5.
Built using gcc 4.0.1 (Apple Inc. build 5490).
--
My work started with Wireshark 1.0.8. The existing sFlow dissector in 1.0.8
only support partial sFlow v2/4 packet formats. I have added the complete
support to sFlow v5, and some additional support according to InMon Corp.'s
request. Please see attachment. InMon's engineers have been testing my
dissector extensively and using it for their daily work.
Since Wireshark 1.2.0 has been released, I started to test my dissector with
it. So far so good, except PRIx64, PRIu64 etc will cause a syntax error message
when compiling (quoted below). This did not happen in 1.0.8. I had to use %llX
and %llu for now to continue testing and debugging. Please help you have any
idea what caused it.
--------------------------------------------------------------
Error message:
packet-sflow_245.c:1117: error: syntax error before ‘PRIX64’
--------------------------------------------------------------
Related code:
guint64 dest;
dest = tvb_get_ntoh64(tvb, offset) >> 16;
proto_tree_add_text(tree, tvb, offset, 8, "Destination MAC Address: 0x%"
PRIX64, dest);
--------------------------------------------------------------
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.