Re: [Wireshark-users] when using tshark -T， the result xml is not exactly the same as using wireshark？

[Christopher Maynard <Christopher.Maynard () gtech com>]

damker <damker@...> writes:

> When using tshark -T pdml and protocol is BSSAP，there is different node:
>
> But in whireshark there is not:

Apparently -T pdml prints all the hidden fields as well, even if Wireshark isn't
configured to display them.  You can allow Wireshark to display the hidden
fields by enabling it via Edit -> Preferences -> Protocols -> "Display hidden
protocol items".

This seems like a bug to me in that -T pdml should not be displaying hidden
fields if Wireshark is not configured to display them.  Feel free to file a bug
report for this.

But the question I had to ask myself was, "Why is the BSSAP dissector displaying
this as a hidden item in the first place?"  i.e., why do the following in
dissect_bssap():

    /*
     * create the bssap protocol tree
     */
    hidden_item = proto_tree_add_item(tree, proto_bssap, tvb, 0, -1, ENC_NA);
    PROTO_ITEM_SET_HIDDEN(hidden_item);
    bssap_item = proto_tree_add_text(tree, tvb, 0, -1, (bssap_or_bsap_global ==
BSSAP) ? "BSSAP" : "BSAP");

I believe the only reason was because the author wasn't sure how else to display
"BSSAP" vs. "BSAP", but this is easy to do using
proto_tree_add_protocol_format().  I've committed a change in r44509 to fix
this.  This also has the benefit that the "Protocol Preferences ..." menu item
works now as it should.

- Chris


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe