I think you can mostly get what you want using col_set_fence().
Assuming your protocol's abbreviated name is "XYZ", if you do this:
if (check_col(pinfo->cinfo, COL_PROTOCOL))
{
col_set_str(pinfo->cinfo, COL_PROTOCOL, "XYZ/");
col_set_fence(pinfo->cinfo, COL_PROTOCOL);
}
.... then when your dissector passes off dissection to say ARP, you
should end up seeing "XYZ/ARP" in the protocol column, instead of just
"ARP". I haven't tried it, but I think that will work, although it may
not be exactly what you're looking for.
- Chris
-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx
[mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Jeff Morriss
Sent: Friday, March 14, 2008 5:43 PM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Is there anyway to control what will be
displayin the "protocol column"?
yenan wrote:
>
> Hi guys
> I am currently trying to write a plugin dissector for a kind of
> dedicated packet which will encapsulate some other type of packets(IP,
> ARP...etc), I do not want to display the encapsulated packet's
protocol
> in the "protocol column", I will rather to keep the lower layer one's
> protocol one this column.
>
> For example , if there is a ARP packet encapsulated, I will rather
not
> display ARP on the "protocol column" , but do display ARP packet
> details in the "packet detail" pane
>
> In short, is there anyway I can control what layer's protocol will be
> display on the "protocol column"?
col_set_writable(..., FALSE) makes it so that no one can write into any
of the columns. I don't think there is a way to do it for just one
column, though.
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev
-----------------------------------------
This email may contain confidential and privileged material for the
sole use of the intended recipient(s). Any review, use, retention,
distribution or disclosure by others is strictly prohibited. If you
are not the intended recipient (or authorized to receive for the
recipient), please contact the sender by reply email and delete all
copies of this message. Also, email is susceptible to data
corruption, interception, tampering, unauthorized amendment and
viruses. We only send and receive emails on the basis that we are
not liable for any such corruption, interception, tampering,
amendment or viruses or any consequence thereof.