Re: How to replace proto_tree_add_text()

[Guy Harris <guy () alum mit edu>]

On Nov 22, 2013, at 2:10 PM, Michael Lum <michael.lum () starsolutions com> wrote:

> I ran the checkAPIs.pl script against the files I have modified and it complains about a lot of proto_tree_add_text() 
> calls.
>  
> I would like to fix them but after looking at the README.dissector document I'm left wondering if there is an easier 
> way
> than using proto_tree_add_item.
>  
> The places in the dissector where add_text() is used were for labelling parts of the protocol without having to create
> filterable fields.

A better term is "named fields", as a field's name can be used in places other than filter expressions - which, 
themselves, should perhaps be called "packet-testing expressions", as they're used for more than filtering; they can be 
used for coloring as well.

This means that:

> For example, in packet-ansi_a.c there are 457 useless add_text() calls vs 26 add_<something else>() calls.
>  
> Do I have to add 457 items (approximately, some may duplicate) to hf_register_info ?
>  
> Basically, I want to just label a bunch of bits or octets, no subtree, not filterable.

...a named field is more than "filterable"; it can be used to make a custom column, or can be used in TShark output 
with "-T fields", and possibly other places I've forgotten about.

That's why we encourage making named fields and using them - somebody might find a use for them, even if you don't have 
a use for them.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe