Jeff Morriss wrote:
Rick Gudmundson wrote:
I'm playing around with a customized diameter profile with respect to
the columns. I'm getting different results between the command code
and the result code.
If I add a new custom column for the result code, it gets presented as
its enumerated value. So instead of 2001 it prints "DIAMETER_SUCCESS".
If I do the same for the command code, it instead prints 280 instead
of Device-WatchdogAnswer. The difference is that the result code is an
AVP while the command code is a fixed three bytes in the diameter
protocol.
I'd like to change my presentation, if possible, to print the text
version of the command code, but I'm not sure where to find that part
of the code within Wireshark.
I don't think it can be made to work like you want.
Um, I guess I need to eat that email. VendorIDs are for AVPs, not
command codes. <sigh>
So: all you should need to do is build a value_string of all the command
codes (hopefully from dictionary.xml) and register it on this field in
the Diameter dissector:
{ &hf_diameter_avp_code,
{ "AVP Code", "diameter.avp.code", FT_UINT32,
BASE_DEC, NULL, 0, NULL, HFILL }},
I suppose that the "from dictionary.xml" may be the hard part here,
though I've never really looked.