Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Change in wireshark[master]: Convert "dissector filter" registrations to "dissector color...

From: Michael Mann <mmann78 () aim com>
Date: Sun, 25 Oct 2015 15:34:43 -0400

I basically asked the same question about a year ago: https://www.wireshark.org/lists/wireshark-dev/201412/msg00009.html
 
At the time the Qt GUI wasn't far enough along for me to tell if they would/should develop into 2 separate features 
(even though I thought they should be merged).  Now that the Qt GUI is fully developed, I found myself looking for the 
EtherNet/IP and Profinet "conversation" filters and didn't see them.   When I originally added EtherNet/IP to the 
"conversation filters", it (dissector_filters.{c,h}) was more of a feature I "stumbled across" and the Profinet 
implementation seemed like a "one off". Generically written, but necessary because the display filter needed to track 
the conversation was complex enough to justify menu items.

In the GTK, the difference appears to be "colorize" (via content menu using color_dissector_filter.{c,h}) or "not 
colorize" (via main menu using dissector_filters.{c,h}).  In Qt, you have the option to colorize (via context menu 
using color_dissector_filter.{c,h}) or not colorize (via main menu using color_dissector_filter.{c,h}).   Since I want 
"not colorize" for EtherNet/IP and Profinet, I presume to just never use the content menu and register their 
"conversation filter" with color_dissector_filter API (which is what https://code.wireshark.org/review/11263 is trying 
to achieve)

Based on comments I could receive either here or in the review, I would probably amend the patch to remove the 
dissector_filter.{c,h} entirely.  That would probably mean converting the existing "not color"/dissector_filter.{c,h} 
menu items in GTK to use color_dissector_filter API instead.

 
 
-----Original Message-----
From: Guy Harris <guy () alum mit edu>
To: Developer support list for Wireshark <wireshark-dev () wireshark org>
Sent: Sun, Oct 25, 2015 12:47 pm
Subject: Re: [Wireshark-dev] Change in wireshark[master]: Convert "dissector filter" registrations to "dissector 
color...




On Oct 25, 2015, at 7:33 AM, Michael Mann (Code Review)

<code-review-do-not-reply () wireshark org> wrote:


Michael Mann has uploaded

a new change for review.


 https://code.wireshark.org/review/11263



Change subject: Convert "dissector filter" registrations to "dissector color
filter" registration so they are populated in the Qt GUI.

OK, we have
epan/dissector_filter.{c,h}, which have "Routines for dissector generated
display filters", and epan/color_dissector_filter.{c,h}, which have "Routines
for dissector generated display filters".

The first of those add to a list
named "dissector_filter_list", which is only used by the GTK+ code.

The
second of those add to a list named "color_conv_filter_list", which is used both
by the GTK+ code and the Qt code.

What are the purposes of those two
different types of filter?

Is there a good reason why filters of the first
type aren't shown in the Qt UI and filters of the second type
are?
___________________________________________________________________________
Sent
via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:   
https://www.wireshark.org/lists/wireshark-dev
Unsubscribe:
https://wireshark.org/mailman/options/wireshark-dev
            
mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

 

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: