Wireshark · Wireshark-dev: Re: [Wireshark-dev] LUA development changing column headers

Wireshark-dev: Re: [Wireshark-dev] LUA development changing column headers

From: "Luis EG Ontanon" <luis@xxxxxxxxxxx>

Date: Mon, 16 Jun 2008 15:10:13 +0200

pinfo.cols.protocol = "MyProto"
should work

possible pinfo.columns indexes are:

static const struct col_names_t colnames[] = {
    {"number",COL_NUMBER},
    {"abs_time",COL_ABS_TIME},
    {"cls_time",COL_CLS_TIME},
    {"rel_time",COL_REL_TIME},
    {"date",COL_ABS_DATE_TIME},
    {"delta_time",COL_DELTA_TIME},
    {"delta_time_displayed",COL_DELTA_TIME_DIS},
    {"src",COL_DEF_SRC},
    {"src_res",COL_RES_SRC},
    {"src_unres",COL_UNRES_SRC},
    {"dl_src",COL_DEF_DL_SRC},
    {"dl_src_res",COL_RES_DL_SRC},
    {"dl_src_unres",COL_UNRES_DL_SRC},
    {"net_src",COL_DEF_NET_SRC},
    {"net_src_res",COL_RES_NET_SRC},
    {"net_src_unres",COL_UNRES_NET_SRC},
    {"dst",COL_DEF_DST},
    {"dst_res",COL_RES_DST},
    {"dst_unres",COL_UNRES_DST},
    {"dl_dst",COL_DEF_DL_DST},
    {"dl_dst_res",COL_RES_DL_DST},
    {"dl_dst_unres",COL_UNRES_DL_DST},
    {"net_dst",COL_DEF_NET_DST},
    {"net_dst_res",COL_RES_NET_DST},
    {"net_dst_unres",COL_UNRES_NET_DST},
    {"src_port",COL_DEF_SRC_PORT},
    {"src_port_res",COL_RES_SRC_PORT},
    {"src_port_unres",COL_UNRES_SRC_PORT},
    {"dst_port",COL_DEF_DST_PORT},
    {"dst_port_res",COL_RES_DST_PORT},
    {"dst_port_unres",COL_UNRES_DST_PORT},
    {"protocol",COL_PROTOCOL},
    {"info",COL_INFO},
    {"packet_len",COL_PACKET_LENGTH},
    {"cumulative_bytes",COL_CUMULATIVE_BYTES},
    {"oxid",COL_OXID},
    {"rxid",COL_RXID},
    {"direction",COL_IF_DIR},
    {"circuit_id",COL_CIRCUIT_ID},
    {"src_idx",COL_SRCIDX},
    {"dst_idx",COL_DSTIDX},
    {"vsan",COL_VSAN},
    {"tx_rate",COL_TX_RATE},
    {"rssi",COL_RSSI},
    {"hpux_subsys",COL_HPUX_SUBSYS},
    {"hpux_devid",COL_HPUX_DEVID},
    {"dce_call",COL_DCE_CALL},
    {NULL,0}
};

On Mon, Jun 16, 2008 at 2:38 PM, Rowswell, Brent
<brent.rowswell@xxxxxxxx> wrote:
> Thank you for getting back to me so quickly,
>
> So you're saying that I can edit the text in the pinfo.columns field,
> which should mean that I can change say Protocol, where it normally puts
> TCP, UDP, etc.  to any string that I want?  If so, what would be the
> correct syntax to do so?  pinfo.columns:_newindex("Protocol",
> "NameOfProto") doesn't seem to work, which makes me think that my syntax
> is off.
>
> Brent Rowswell
>
> -----Original Message-----
> From: wireshark-dev-bounces@xxxxxxxxxxxxx
> [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Luis EG
> Ontanon
> Sent: Friday, June 13, 2008 4:57 AM
> To: Developer support list for Wireshark
> Subject: Re: [Wireshark-dev] LUA development changing column headers
>
> You cannot add columns that way using Lua, Lua can use just the columns
> that are already there under pinfo.columns ...
> The outdated example you talk about does not create a column it just
> switches over the src and dst addresses.
>
>
> On Fri, Jun 13, 2008 at 12:04 AM, Rowswell, Brent
> <brent.rowswell@xxxxxxxx> wrote:
>> Over the past few weeks I've been trying to make a LUA script to parse
>
>> out my header information, open up the packet and display the
>> necessary data in a various tree structure.  So far all of that has
>> been done well enough, but I find that the packets that I have
>> dissected come maybe once every 300 packets, which makes it pretty
>> hard to compare packets.  What I've been trying to do is either edit
>> the packet column data, such as where the ip source or destination is
>> displayed into my own data, or add a new column of my own type so that
>
>> I can sort the data, which will then put all of my packets next to
>> each other.  I know that on the wiki of lua examples there's an
>> outdated way of doing something similar, but it no longer works with
>> the current 1.0.0 build of wireshark.  I was wondering if I could get
>> some help in how the syntax should look, for instance if this would
>> work:  using pinfo.cols to grab the packet's columns, and upon that
>> use :_newindex("Msgtype", "NameofMsg") to put in a new column named
>> Msgtype where this packets data in that column would be NameofMsg,
>> thus the message would look like
>>
>> pinfo.cols:_newindex("Msgtype","NameofMsg")
>> If anyone can think of another way of doing this, either by adding a
>> new column or changing the text of an existing one, I would be
> appreciative.
>>
>> Brent Rowswell
>>
>> _______________________________________________
>> Wireshark-dev mailing list
>> Wireshark-dev@xxxxxxxxxxxxx
>> https://wireshark.org/mailman/listinfo/wireshark-dev
>>
>>
>
>
>
> --
> This information is top security. When you have read it, destroy
> yourself.
> -- Marshall McLuhan
> _______________________________________________
> Wireshark-dev mailing list
> Wireshark-dev@xxxxxxxxxxxxx
> https://wireshark.org/mailman/listinfo/wireshark-dev
> _______________________________________________
> Wireshark-dev mailing list
> Wireshark-dev@xxxxxxxxxxxxx
> https://wireshark.org/mailman/listinfo/wireshark-dev
>



-- 
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan

References:
- [Wireshark-dev] LUA development changing column headers
  - From: Rowswell, Brent
- Re: [Wireshark-dev] LUA development changing column headers
  - From: Luis EG Ontanon
- Re: [Wireshark-dev] LUA development changing column headers
  - From: Rowswell, Brent

Prev by Date: Re: [Wireshark-dev] LUA development changing column headers
Next by Date: [Wireshark-dev] LUA development highlighting bytefield display with LUA
Previous by thread: Re: [Wireshark-dev] LUA development changing column headers
Next by thread: [Wireshark-dev] buildbot failure in Wireshark (development) on Ubuntu-7.10-x86-64
Index(es):
- Date
- Thread