On Mar 31, 2009, at 1:19 PM, gogrady@xxxxxxxxx wrote:
I have read through both of those, though i probably should do it
again now that i know more. But maybe I'm just confused on how the
others are outputted. right now i add to the tree with:
time = (_GetMsgTime)();
pi = proto_tree_add_text(icom_message_tree, tvb, 0, 0, "Time: %s",
time);
Wireshark expects to be handed a raw blob of binary packet data, and
to *itself* fetch values from that blob and generate *its own* human-
readable descriptions, so that it can do more with fields in packets
than just display them to the user.
If your DLL is handed the raw blob, and returns only human-readable
descriptions of fields, it's not going to work very well in a
Wireshark dissector.