(Redirecting to the developer list, as per Jeff Morriss's suggestion; it's the right place for questions about the Wireshark code base. CCing wireshark-users in case you're not subscribed to wireshark-dev - if you're not, you should subscribe.)
On Jul 14, 2017, at 5:38 AM, David Schaeffer <[email protected]> wrote: >> On Wed, Jul 12, 2017 at 1:42 PM, David Schaeffer <[email protected] >> wrote: >> >>> I'm currently working on pulling specific data from a packet once they've >>> clicked on some packet detail. For example, if the user clicks on a bit >>> code in the packet body, I want to also pull the source IP address of that >>> packet. Is there a way to search the packet body by field name or pulling >>> the packet details into an object of some sort to parse this information? >>> Thanks for any assistance you can offer in this matter. >> >> Can you give a bit more context? I assume that this is the context of >> writing a protocol dissector? What are you planning to do with, for >> example, the IP address? > > Sure. So the goal of this is to allow us to graph bit codes from a packet > that has already be dissected by a custom packet dissector. We're making it > so a user can right-click on the bit code they would like to graph, select > graph, and it'll bring up the IOGraph with that data, 0 or 1. So you'd right click on a particular field in the protocol details pane, get a menu with "Graph" as one of the items, and it'd pop up an I/O graph for that field? There's currently no mechanism for that in Wireshark, but it might be a useful *general* addition to Wireshark. > The problem is we have multiple PLCs sending the same bit codes so just > grabbing a filter for solely the bit code doesn't work, as it pulls from > every PLC. > I need to grab the IP address with it to track the specific bit code from > that specific PLC. *That* would require adding the ability to register a per-field callback, with the default being one that causes a "standard" I/O graph to be popped up, and with your dissector specifying a callback grabbing the IP address and the value of the bit code. That might call the "draw an I/O graph" code with another callback specified; that callback would indicate whether to use the packet or not. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <[email protected]> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:[email protected]?subject=unsubscribe
