Howdy,
The current packet-netflow.c dissector has a big switch (pen_type) {...}
block in dissect_v9_v10_pdu_data(), which looks up specific known netflow/ipfix
fields as it walks netflow v9/10 PDUs.
Unfortunately, it's a bit of a hack as pen_type is a guint64 and a switch
statement will
Hello,
I have some queries regarding XML data dissection in Wireshark.
Right now all the protocols in Wireshark can be dissected using pcap files.
Now I have a requirement to use XML data to dissect some of the(ranap, mtp3
etc..) Wireshark protocols. after doing some investigation, I found
On Sun, Nov 07, 2010 at 10:46:47AM -0500, Hadriel Kaplan wrote:
Howdy,
The current packet-netflow.c dissector has a big switch (pen_type) {...}
block in dissect_v9_v10_pdu_data(), which looks up specific known
netflow/ipfix fields as it walks netflow v9/10 PDUs.
Unfortunately, it's a bit
On 11/7/2010 10:46 AM, Hadriel Kaplan wrote:
Howdy, The current packet-netflow.c dissector has a big switch
(pen_type) {...} block in dissect_v9_v10_pdu_data(), which looks up
specific known netflow/ipfix fields as it walks netflow v9/10 PDUs.
Unfortunately, it's a bit of a hack as pen_type
Bill Meier wrote:
On 11/7/2010 10:46 AM, Hadriel Kaplan wrote:
Howdy, The current packet-netflow.c dissector has a big switch
(pen_type) {...} block in dissect_v9_v10_pdu_data(), which looks up
specific known netflow/ipfix fields as it walks netflow v9/10 PDUs.
Unfortunately, it's a bit of a
The Buildbot has detected a new failure of Ubuntu-10.04-x64 on Wireshark 1.2.
Full details are available at:
http://buildbot.wireshark.org/trunk-1.2/builders/Ubuntu-10.04-x64/builds/18
Buildbot URL: http://buildbot.wireshark.org/trunk-1.2/
Buildslave for this Build: ubuntu-10.04-x64
Build
The Buildbot has detected a new failure of Ubuntu-10.04-x64 on Wireshark
(development).
Full details are available at:
http://buildbot.wireshark.org/trunk/builders/Ubuntu-10.04-x64/builds/716
Buildbot URL: http://buildbot.wireshark.org/trunk/
Buildslave for this Build: ubuntu-10.04-x64
Build
On Nov 7, 2010, at 12:33 PM, Jakub Zawadzki wrote:
On Sun, Nov 07, 2010 at 10:46:47AM -0500, Hadriel Kaplan wrote:
Howdy,
The current packet-netflow.c dissector has a big switch (pen_type) {...}
block in dissect_v9_v10_pdu_data(), which looks up specific known
netflow/ipfix fields as it
On Nov 7, 2010, at 12:51 PM, Bill Meier wrote:
Looking at the code a bit I see that currently pen
seems to be effectively limited to 16 bits even though 32 bits are
fetched from the tvbuff:
dissect_v9_v10_template_fields(...) {
...
guint16 pen;
...
if
On Sun, Nov 07, 2010 at 03:37:36PM -0500, Hadriel Kaplan wrote:
On Nov 7, 2010, at 12:33 PM, Jakub Zawadzki wrote:
Have you tried adding 'U' to your #define? i.e.
instead of just:
#define VENDOR_FOO 0xdead
do:
#define VENDOR_FOO 0xdeadU
or even better:
#define
On Nov 7, 2010, at 4:13 PM, Jakub Zawadzki wrote:
On Sun, Nov 07, 2010 at 03:37:36PM -0500, Hadriel Kaplan wrote:
I really don't want to force it bigger than int, I just want to make it
unsigned.
cause:
(gdb) call /x (unsigned long long) (0xdead 16)
$1 =
11 matches
Mail list logo