Hal Lander wrote:
Wireshark has a field type FT_BOOLEAN.
It lets you add the boolean to the tree using
proto_tree_add_boolean(tree, id, tvb, start, length, value);
and is supposed to do all the bit shifting for you to extract the single bit
0 or 1.
I thought it might also provide some way for me to test the bit value?
Actually the last 'value' is, well, the value of the boolean (on the
system running Wireshark). You must have already pulled out 'value'
using one of the tvb functions (and bit shifted it, if necessary).