Wireshark mailing list archives

Re: Using col_set_str(pinfo->cinfo, COL_PROTOCOL, "some_string") but cannot filter on some_string

From: Richard Sharpe <realrichardsharpe () gmail com>
Date: Sat, 1 Jul 2017 14:02:16 -0700

On Sat, Jul 1, 2017 at 1:48 PM, Michael Mann via Wireshark-dev
<wireshark-dev () wireshark org> wrote:

I think you're running into this:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4684


What is strange is that it seems to work for some protocols. Ie, if I
search on smb2, dns, etc, it works.

I wonder what the difference is ...


-----Original Message-----
From: Richard Sharpe <realrichardsharpe () gmail com>
To: Developer support list for Wireshark <wireshark-dev () wireshark org>
Sent: Sat, Jul 1, 2017 2:31 pm
Subject: Re: [Wireshark-dev] Using col_set_str(pinfo->cinfo, COL_PROTOCOL,
"some_string") but cannot filter on some_string

On Sat, Jul 1, 2017 at 10:20 AM, Darien Spencer <cusneud () mail com> wrote: >

The protocol filter isn't based on the value in the protocol column. >

Instead it's based on the value given to the protocol registration method
'proto_register_protocol' > Look at the example here: >
https://www.wireshark.org/docs/wsdg_html_chunked/ChDissectAdd.html > the
filter will be 'foo' since the 3rd argument to this method is 'foo'. > Did
you use 'some_string' there as well? Yeah, I just went back and made sure
that the third argument was the same, including case, as what I used in
col_set_str. -- Regards, Richard Sharpe (何以解憂？唯有杜康。--曹操)
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives:
https://www.wireshark.org/lists/wireshark-dev Unsubscribe:
https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe




-- 
Regards,
Richard Sharpe
(何以解憂？唯有杜康。--曹操)
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

Using col_set_str(pinfo->cinfo, COL_PROTOCOL, "some_string") but cannot filter on some_string Richard Sharpe (Jul 01)
- Re: Using col_set_str(pinfo->cinfo, COL_PROTOCOL, "some_string") but cannot filter on some_string Darien Spencer (Jul 01)
  - Re: Using col_set_str(pinfo->cinfo, COL_PROTOCOL, "some_string") but cannot filter on some_string Richard Sharpe (Jul 01)
    - Re: Using col_set_str(pinfo->cinfo, COL_PROTOCOL, "some_string") but cannot filter on some_string Michael Mann via Wireshark-dev (Jul 01)
    - Re: Using col_set_str(pinfo->cinfo, COL_PROTOCOL, "some_string") but cannot filter on some_string Richard Sharpe (Jul 01)
    - Re: Using col_set_str(pinfo->cinfo, COL_PROTOCOL, "some_string") but cannot filter on some_string Michael Mann via Wireshark-dev (Jul 01)