Re: Replace TRUE/FALSE with proper ENC_* in proto_tree_add_item() using a script.

[Guy Harris <guy () alum mit edu>]

On Oct 10, 2011, at 11:41 AM, Bill Meier wrote:

> --> packet-gmhdr.c

Presumably ENC_TIME_TIMESPEC|ENC_BIG_ENDIAN, as:

        1) presumably they knew what they were doing, and their dissector works, and ENC_TIME_TIMESPEC is 0, as is 
ENC_BIG_ENDIAN, so FALSE = ENC_TIME_TIMESPEC|ENC_BIG_ENDIAN

and

        2) their other fields are, apparently, big-endian.

It would be Really Swell if the fine folks at Gigamon were to document their header's format online, and not require a 
customer login to get at the document, so we could put a URL for it into the dissector - or, if they've already done 
that, make it clearer where it is - especially given they were so happy to have an open source program support it:

        http://www.gigamon.com/wireshark-update-for-gigasmart

> -->packet-netflow.c

Probably ENC_TIME_TIMESPEC|ENC_BIG_ENDIAN, as the other ntop fields appear to be big-endian, and Luca is, I think, a 
UN*X type, and for reason 1) in the previous item.  I'm not sure where, if anywhere, they document them.

> -->packet-reload.c

All the RELOAD stuff is in I-Ds, so one would expect network byte order, and, in fact, draft-ietf-p2psip-base-18 says 
"All integers are represented in network byte order.", and draft-ietf-p2psip-diagnostics-06 says the times are in NTP 
format, so it'd be ENC_TIME_NTP|ENC_BIG_ENDIAN.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe