Re: pass some value to customized plugin

[Christopher Maynard <Christopher.Maynard () gtech com>]

Fabiano Ricci <fabiano.ricci@...> writes:

> > You can let the user configure the filter by preferences.

A preference is a good idea; however, it does require that the user manually
change it to match the packets, and it doesn't allow for both big-endian and
little-endian packets to be analyzed within the same capture file, which may
or may not be important to you.

Heuristics are sometimes unreliable though and sometimes [nearly to totally]
impossible.  If that's the case, then a preference is the way to go.  On the
other hand, if there is a more-or-less sure way to determine endian-ness by
examining the data in the packets, then you remove the burden from the user
as well as allow for the possibility of both big-endian and little-endian
packets to be successfully analyzed in the same capture file without any
problems.

Of course, even if you do add heuristics to determine endian-ness, you could
add a preference too, which could override the heuristics in the event that
the heuristics got it wrong.

Read more about heuristics in doc/README.heuristic.  There are plenty of
examples in the Wireshark sources too.

- Chris


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe