2001-04-01 07:32:35 +00:00
|
|
|
/* column-utils.c
|
|
|
|
|
* Routines for column utilities.
|
|
|
|
|
*
|
2006-05-21 05:12:17 +00:00
|
|
|
* Wireshark - Network traffic analyzer
|
|
|
|
|
* By Gerald Combs <gerald@wireshark.org>
|
2001-04-01 07:32:35 +00:00
|
|
|
* Copyright 1998 Gerald Combs
|
2002-08-28 20:41:00 +00:00
|
|
|
*
|
2018-02-08 16:59:17 +00:00
|
|
|
* SPDX-License-Identifier: GPL-2.0-or-later
|
2001-04-01 07:32:35 +00:00
|
|
|
*/
|
|
|
|
|
|
2012-09-20 01:48:30 +00:00
|
|
|
#include "config.h"
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2021-03-01 06:25:12 +00:00
|
|
|
#include <stdio.h>
|
2001-04-02 02:30:06 +00:00
|
|
|
#include <string.h>
|
|
|
|
|
#include <time.h>
|
2017-03-19 14:35:04 +00:00
|
|
|
#include <locale.h>
|
2023-09-14 12:44:04 +00:00
|
|
|
#include <limits.h>
|
2001-04-02 02:30:06 +00:00
|
|
|
|
2001-04-01 07:32:35 +00:00
|
|
|
#include "column-utils.h"
|
|
|
|
|
#include "timestamp.h"
|
|
|
|
|
#include "to_str.h"
|
|
|
|
|
#include "packet_info.h"
|
2013-08-01 23:34:47 +00:00
|
|
|
#include "wsutil/pint.h"
|
2004-08-06 19:57:49 +00:00
|
|
|
#include "addr_resolv.h"
|
2015-02-08 18:49:57 +00:00
|
|
|
#include "address_types.h"
|
2001-04-01 07:32:35 +00:00
|
|
|
#include "osi-utils.h"
|
2002-12-10 01:17:21 +00:00
|
|
|
#include "value_string.h"
|
2013-10-18 13:06:05 +00:00
|
|
|
#include "column-info.h"
|
epan: Register dynamic column fields and make them filterable
Make the text of each registered column a FT_STRING field that can be
filtered, prefixed with _ws.col - these work in display filters, filters
in taps, coloring rules, Wireshark read filters, and in the -Y, -R, -e,
and -j options to tshark. Use them as the default "Apply as Filter" value
for the columns that aren't handled by anything else currently.
Because only the columns formats that actually correspond to columns
get filled in (invisible columns work), register and deregister the
fields when the columns change.
Use the lower case version of the rest of the COL_* define for each
column as the field name.
This adds a number of conditions to "when are the columns needed",
including when the main display filter or any filter on a tap is
using one of these fields.
Custom columns are currently not implemented. For custom columns, the
tree then has to be further primed with any fields used by the custom
columns as well. (Perhaps that should happen in epan_dissect_run() -
are there any cases where we construct the columns and don't want to
prime with any field that custom columns contains? Possibly in taps
that we know only use build in columns.)
Thus, for performance reasons, you're better off matching an ordinary
field if possible; it takes extra time to generate the columns and many
of them are numeric types. (Note that you can always convert a non-string
field to a string field if you want regex matching, consult the
*wireshark-filter(4)* man page.) It does save a bit on typing (especially
for a multifield custom column) and remembering the column title might
be easier in some cases.
The columns are set before the color filters, which means that you
can have a color filter that depends on a built-in column like Info or
Protocol.
Remove the special handling for the -e option to tshark. Note that
the behavior is a little different now, because fixed field names
are used instead of the titles (using the titles allowed illegal
filter names, because it wasn't going through the filter engine.)
For default names, this means that they're no longer capitalized,
so "_ws.col.info" instead of "_ws.col.Info" - hopefully a small
price in exchange for the filters working everywhere.
The output format for -T fields remains the same; all that special
handling is removed (except for remembering if someone asked for
a column field to know that columns should be constructed.)
They're also set before the postdissectors, so postdissectors can
have access.
Anything that depends on whether a packet and previous packets are
displayed (COL_DELTA_TIME_DIS or COL_CUMULATIVE_BYTES) doesn't work
the way most people expect, so don't register fields for those.
(The same is already true of color filters that use those, along with
color filters that use the color filter fields.)
Fix #16576. Fix #17971. Fix #4684. Fix #13491. Fix #13941.
2023-05-01 12:02:18 +00:00
|
|
|
#include "column.h"
|
2012-10-26 01:59:17 +00:00
|
|
|
#include "proto.h"
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2007-10-26 05:42:12 +00:00
|
|
|
#include <epan/strutil.h>
|
2008-02-13 05:05:33 +00:00
|
|
|
#include <epan/epan.h>
|
2014-11-05 13:36:29 +00:00
|
|
|
#include <epan/dfilter/dfilter.h>
|
2016-07-15 20:59:23 +00:00
|
|
|
|
2023-10-31 12:51:52 +00:00
|
|
|
#include <wsutil/inet_cidr.h>
|
2015-10-15 01:44:04 +00:00
|
|
|
#include <wsutil/utf8_entities.h>
|
2021-06-18 18:21:42 +00:00
|
|
|
#include <wsutil/ws_assert.h>
|
2022-10-21 12:37:42 +00:00
|
|
|
#include <wsutil/unicode-utils.h>
|
2023-09-12 19:27:50 +00:00
|
|
|
#include <wsutil/time_util.h>
|
2008-02-13 05:05:33 +00:00
|
|
|
|
2016-02-03 22:10:40 +00:00
|
|
|
#ifdef HAVE_LUA
|
|
|
|
|
#include <epan/wslua/wslua.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
2022-10-21 12:37:42 +00:00
|
|
|
#define COL_BUF_MAX_LEN (((COL_MAX_INFO_LEN) > (COL_MAX_LEN)) ? \
|
|
|
|
|
(COL_MAX_INFO_LEN) : (COL_MAX_LEN))
|
|
|
|
|
|
2017-03-19 14:35:04 +00:00
|
|
|
/* Used for locale decimal point */
|
|
|
|
|
static char *col_decimal_point;
|
|
|
|
|
|
2018-03-08 23:17:58 +00:00
|
|
|
/* Used to indicate updated column information, e.g. a new request/response. */
|
|
|
|
|
static gboolean col_data_changed_;
|
|
|
|
|
|
2023-11-06 15:15:35 +00:00
|
|
|
static int proto_cols;
|
|
|
|
|
static gint ett_cols;
|
epan: Register dynamic column fields and make them filterable
Make the text of each registered column a FT_STRING field that can be
filtered, prefixed with _ws.col - these work in display filters, filters
in taps, coloring rules, Wireshark read filters, and in the -Y, -R, -e,
and -j options to tshark. Use them as the default "Apply as Filter" value
for the columns that aren't handled by anything else currently.
Because only the columns formats that actually correspond to columns
get filled in (invisible columns work), register and deregister the
fields when the columns change.
Use the lower case version of the rest of the COL_* define for each
column as the field name.
This adds a number of conditions to "when are the columns needed",
including when the main display filter or any filter on a tap is
using one of these fields.
Custom columns are currently not implemented. For custom columns, the
tree then has to be further primed with any fields used by the custom
columns as well. (Perhaps that should happen in epan_dissect_run() -
are there any cases where we construct the columns and don't want to
prime with any field that custom columns contains? Possibly in taps
that we know only use build in columns.)
Thus, for performance reasons, you're better off matching an ordinary
field if possible; it takes extra time to generate the columns and many
of them are numeric types. (Note that you can always convert a non-string
field to a string field if you want regex matching, consult the
*wireshark-filter(4)* man page.) It does save a bit on typing (especially
for a multifield custom column) and remembering the column title might
be easier in some cases.
The columns are set before the color filters, which means that you
can have a color filter that depends on a built-in column like Info or
Protocol.
Remove the special handling for the -e option to tshark. Note that
the behavior is a little different now, because fixed field names
are used instead of the titles (using the titles allowed illegal
filter names, because it wasn't going through the filter engine.)
For default names, this means that they're no longer capitalized,
so "_ws.col.info" instead of "_ws.col.Info" - hopefully a small
price in exchange for the filters working everywhere.
The output format for -T fields remains the same; all that special
handling is removed (except for remembering if someone asked for
a column field to know that columns should be constructed.)
They're also set before the postdissectors, so postdissectors can
have access.
Anything that depends on whether a packet and previous packets are
displayed (COL_DELTA_TIME_DIS or COL_CUMULATIVE_BYTES) doesn't work
the way most people expect, so don't register fields for those.
(The same is already true of color filters that use those, along with
color filters that use the color filter fields.)
Fix #16576. Fix #17971. Fix #4684. Fix #13491. Fix #13941.
2023-05-01 12:02:18 +00:00
|
|
|
|
2001-04-01 07:32:35 +00:00
|
|
|
/* Allocate all the data structures for constructing column data, given
|
|
|
|
|
the number of columns. */
|
|
|
|
|
void
|
2010-04-03 18:18:50 +00:00
|
|
|
col_setup(column_info *cinfo, const gint num_cols)
|
2001-04-01 07:32:35 +00:00
|
|
|
{
|
2003-12-02 23:14:32 +00:00
|
|
|
int i;
|
|
|
|
|
|
2017-03-19 14:35:04 +00:00
|
|
|
col_decimal_point = localeconv()->decimal_point;
|
2013-06-25 19:38:15 +00:00
|
|
|
cinfo->num_cols = num_cols;
|
2015-06-27 03:00:33 +00:00
|
|
|
cinfo->columns = g_new(col_item_t, num_cols);
|
2013-06-25 19:38:15 +00:00
|
|
|
cinfo->col_first = g_new(int, NUM_COL_FMTS);
|
|
|
|
|
cinfo->col_last = g_new(int, NUM_COL_FMTS);
|
2014-12-17 10:38:49 +00:00
|
|
|
for (i = 0; i < num_cols; i++) {
|
2015-12-11 08:34:08 +00:00
|
|
|
cinfo->columns[i].col_custom_fields_ids = NULL;
|
2014-12-17 10:38:49 +00:00
|
|
|
}
|
2013-07-16 02:34:44 +00:00
|
|
|
cinfo->col_expr.col_expr = g_new(const gchar*, num_cols + 1);
|
2009-07-22 05:02:24 +00:00
|
|
|
cinfo->col_expr.col_expr_val = g_new(gchar*, num_cols + 1);
|
2003-12-02 23:14:32 +00:00
|
|
|
|
|
|
|
|
for (i = 0; i < NUM_COL_FMTS; i++) {
|
2005-10-02 14:56:27 +00:00
|
|
|
cinfo->col_first[i] = -1;
|
|
|
|
|
cinfo->col_last[i] = -1;
|
2003-12-02 23:14:32 +00:00
|
|
|
}
|
2015-12-20 20:01:29 +00:00
|
|
|
cinfo->prime_regex = g_regex_new(COL_CUSTOM_PRIME_REGEX,
|
column: Update custom column regex
When splitting a possibly multifield custom column expression
into components, don't match "or" unless it's a word by itself,
i.e. is surrounded by space. "||" by itself is fine as a token.
This is necessary if we allow more complicated filters to match
than just single fields separated by "||" or "or". Also split
at space at the beginning or end of a string (since we don't
always guarantee that whitespace is stripped.)
When spliting into components, only split on "||" and " or " that
are not inside parenthesis. Splitting on operators inside parentheses
results in components which are not fields or valid filter expressions
and has never worked, e.g. splitting "(tcp.srcport or tcp.dstport)"
into "(tcp.srcport" and "tcp.dstport)".
TEST_OR has the lowest possible operator precedence (see
commit 34ad6bb47887fab144c8e2547dce58152111abb0), so this works,
and also justifies using OR instead of AND for multifield custom
columns.
This means that, e.g., "tcp.srcport or tcp.dstport" will be treated
as a multifield custom column expression that returns the values
for both of the fields, whereas "(tcp.srcport or tcp.dstport)" will
be ultimately treated as a single logical test that returns true
if one of the fields exist and false if neither do. Until tests
and other non single-field expressions are supported, the latter
won't work, but it never has worked.
Related to #7752, #10154, #15990, #18588, and #16181.
2024-02-08 01:01:53 +00:00
|
|
|
(GRegexCompileFlags) (G_REGEX_RAW),
|
|
|
|
|
0, NULL);
|
2001-04-01 07:32:35 +00:00
|
|
|
}
|
|
|
|
|
|
columns: Allow any field expression syntax to be used in columns
Allow anything that can be used in a display filter to be used in
columns (with the exception that field references don't work without
a notion of a currently selected frame): display filter functions,
slices, arithmetic calculations, logical tests, raw byte addressing,
the layer modifier, display filter macros, etc., alone or in
combination.
Show the results and generate filters. Note that "resolved" values are
not yet supported. They make conceptual sense for some expressions
(e.g., if the layer modifier only is used) but not for others.
Perhaps resolution could be done as a final step in the filter before
returning values.
It would also be useful to be able to get the expected return type
of an expression, so that the functions for right justifying a column
or sorting numerically could work. Right now the results are treated
as strings even if the return field values are numeric.
Multifield columns (i.e., concatenation of field values) are currently
implemented using the OR operator.For backwards compability, continue to
support that. When a true logical OR would give a different result,
surround the expression in parentheses, which the multifield columns did
not previously support (due to the regex used instead of full filter
grammar parsing.)
Perhaps in the future we should introduce a separate operator for
concatenation, possibly only used in column definitions and nowhere
else.
Update release notes.
Fix #7752. Fix #10154. Fix #15990. Fix #18588. Fix #19076.
Related to #16181 - it's now possibly to define new display filter
functions so that is essentially solved, though I suppose there's
always room for more built-in functions.
2024-02-08 02:13:23 +00:00
|
|
|
static void
|
|
|
|
|
col_custom_free_cb(void *data)
|
|
|
|
|
{
|
|
|
|
|
col_custom_t *col_custom = (col_custom_t*)data;
|
|
|
|
|
dfilter_free(col_custom->dfilter);
|
|
|
|
|
g_free(col_custom->dftext);
|
|
|
|
|
g_free(col_custom);
|
|
|
|
|
}
|
|
|
|
|
|
2014-12-20 00:20:42 +00:00
|
|
|
static void
|
2015-12-11 08:34:08 +00:00
|
|
|
col_custom_fields_ids_free(GSList** custom_fields_id)
|
2014-12-20 00:20:42 +00:00
|
|
|
{
|
2015-12-11 08:34:08 +00:00
|
|
|
if (*custom_fields_id != NULL) {
|
columns: Allow any field expression syntax to be used in columns
Allow anything that can be used in a display filter to be used in
columns (with the exception that field references don't work without
a notion of a currently selected frame): display filter functions,
slices, arithmetic calculations, logical tests, raw byte addressing,
the layer modifier, display filter macros, etc., alone or in
combination.
Show the results and generate filters. Note that "resolved" values are
not yet supported. They make conceptual sense for some expressions
(e.g., if the layer modifier only is used) but not for others.
Perhaps resolution could be done as a final step in the filter before
returning values.
It would also be useful to be able to get the expected return type
of an expression, so that the functions for right justifying a column
or sorting numerically could work. Right now the results are treated
as strings even if the return field values are numeric.
Multifield columns (i.e., concatenation of field values) are currently
implemented using the OR operator.For backwards compability, continue to
support that. When a true logical OR would give a different result,
surround the expression in parentheses, which the multifield columns did
not previously support (due to the regex used instead of full filter
grammar parsing.)
Perhaps in the future we should introduce a separate operator for
concatenation, possibly only used in column definitions and nowhere
else.
Update release notes.
Fix #7752. Fix #10154. Fix #15990. Fix #18588. Fix #19076.
Related to #16181 - it's now possibly to define new display filter
functions so that is essentially solved, though I suppose there's
always room for more built-in functions.
2024-02-08 02:13:23 +00:00
|
|
|
g_slist_free_full(*custom_fields_id, col_custom_free_cb);
|
2014-12-20 00:20:42 +00:00
|
|
|
}
|
2015-12-11 08:34:08 +00:00
|
|
|
*custom_fields_id = NULL;
|
2014-12-17 10:38:49 +00:00
|
|
|
}
|
|
|
|
|
|
2012-10-08 17:04:37 +00:00
|
|
|
/* Cleanup all the data structures for constructing column data; undoes
|
|
|
|
|
the allocations that col_setup() does. */
|
|
|
|
|
void
|
|
|
|
|
col_cleanup(column_info *cinfo)
|
|
|
|
|
{
|
2014-11-05 13:36:29 +00:00
|
|
|
int i;
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item;
|
2014-11-05 13:36:29 +00:00
|
|
|
|
2017-02-04 15:26:34 +00:00
|
|
|
if (!cinfo)
|
|
|
|
|
return;
|
|
|
|
|
|
2014-11-05 13:36:29 +00:00
|
|
|
for (i = 0; i < cinfo->num_cols; i++) {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item = &cinfo->columns[i];
|
|
|
|
|
g_free(col_item->fmt_matx);
|
|
|
|
|
g_free(col_item->col_title);
|
2015-12-11 08:34:08 +00:00
|
|
|
g_free(col_item->col_custom_fields);
|
2015-06-27 03:00:33 +00:00
|
|
|
dfilter_free(col_item->col_custom_dfilter);
|
2015-06-29 18:13:36 +00:00
|
|
|
/* col_item->col_data points to col_buf or static memory */
|
2015-06-27 03:00:33 +00:00
|
|
|
g_free(col_item->col_buf);
|
2014-11-05 13:36:29 +00:00
|
|
|
g_free(cinfo->col_expr.col_expr_val[i]);
|
2015-12-11 08:34:08 +00:00
|
|
|
col_custom_fields_ids_free(&col_item->col_custom_fields_ids);
|
2014-11-05 13:36:29 +00:00
|
|
|
}
|
|
|
|
|
|
2015-06-27 03:00:33 +00:00
|
|
|
g_free(cinfo->columns);
|
2012-10-08 17:04:37 +00:00
|
|
|
g_free(cinfo->col_first);
|
|
|
|
|
g_free(cinfo->col_last);
|
|
|
|
|
/*
|
|
|
|
|
* XXX - MSVC doesn't correctly handle the "const" qualifier; it thinks
|
|
|
|
|
* "const XXX **" means "pointer to const pointer to XXX", i.e. that
|
|
|
|
|
* it's a pointer to something that's "const"ant, not "pointer to
|
|
|
|
|
* pointer to const XXX", i.e. that it's a pointer to a pointer to
|
|
|
|
|
* something that's "const"ant. Cast its bogus complaints away.
|
|
|
|
|
*/
|
|
|
|
|
g_free((gchar **)cinfo->col_expr.col_expr);
|
|
|
|
|
g_free(cinfo->col_expr.col_expr_val);
|
2017-02-03 21:41:31 +00:00
|
|
|
if (cinfo->prime_regex)
|
|
|
|
|
g_regex_unref(cinfo->prime_regex);
|
2012-10-08 17:04:37 +00:00
|
|
|
}
|
|
|
|
|
|
2003-04-16 05:55:41 +00:00
|
|
|
/* Initialize the data structures for constructing column data. */
|
|
|
|
|
void
|
2013-07-21 20:48:30 +00:00
|
|
|
col_init(column_info *cinfo, const struct epan_session *epan)
|
2003-04-16 05:55:41 +00:00
|
|
|
{
|
|
|
|
|
int i;
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item;
|
2003-04-16 05:55:41 +00:00
|
|
|
|
2009-08-22 19:29:44 +00:00
|
|
|
if (!cinfo)
|
|
|
|
|
return;
|
|
|
|
|
|
2003-04-16 05:55:41 +00:00
|
|
|
for (i = 0; i < cinfo->num_cols; i++) {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item = &cinfo->columns[i];
|
|
|
|
|
col_item->col_buf[0] = '\0';
|
|
|
|
|
col_item->col_data = col_item->col_buf;
|
|
|
|
|
col_item->col_fence = 0;
|
2016-06-14 15:55:08 +00:00
|
|
|
col_item->writable = TRUE;
|
2009-08-19 07:55:11 +00:00
|
|
|
cinfo->col_expr.col_expr[i] = "";
|
2008-03-01 05:16:45 +00:00
|
|
|
cinfo->col_expr.col_expr_val[i][0] = '\0';
|
2003-04-16 05:55:41 +00:00
|
|
|
}
|
|
|
|
|
cinfo->writable = TRUE;
|
2013-07-21 20:48:30 +00:00
|
|
|
cinfo->epan = epan;
|
2003-04-16 05:55:41 +00:00
|
|
|
}
|
|
|
|
|
|
2001-04-01 07:32:35 +00:00
|
|
|
gboolean
|
2016-06-14 15:55:08 +00:00
|
|
|
col_get_writable(column_info *cinfo, const gint col)
|
2001-04-01 07:32:35 +00:00
|
|
|
{
|
2016-06-14 15:55:08 +00:00
|
|
|
int i;
|
|
|
|
|
col_item_t* col_item;
|
|
|
|
|
|
|
|
|
|
if (cinfo == NULL)
|
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
|
|
/* "global" (not) writeability will always override
|
|
|
|
|
an individual column */
|
|
|
|
|
if ((col == -1) || (cinfo->writable == FALSE))
|
|
|
|
|
return cinfo->writable;
|
|
|
|
|
|
|
|
|
|
if (cinfo->col_first[col] >= 0) {
|
|
|
|
|
for (i = cinfo->col_first[col]; i <= cinfo->col_last[col]; i++) {
|
|
|
|
|
col_item = &cinfo->columns[i];
|
|
|
|
|
if (col_item->fmt_matx[col]) {
|
|
|
|
|
return col_item->writable;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return FALSE;
|
2001-04-01 07:32:35 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
2016-06-14 15:55:08 +00:00
|
|
|
col_set_writable(column_info *cinfo, const gint col, const gboolean writable)
|
2001-04-01 07:32:35 +00:00
|
|
|
{
|
2016-06-14 15:55:08 +00:00
|
|
|
int i;
|
|
|
|
|
col_item_t* col_item;
|
|
|
|
|
|
|
|
|
|
if (cinfo) {
|
|
|
|
|
if (col == -1) {
|
|
|
|
|
cinfo->writable = writable;
|
|
|
|
|
} else if (cinfo->col_first[col] >= 0) {
|
|
|
|
|
for (i = cinfo->col_first[col]; i <= cinfo->col_last[col]; i++) {
|
|
|
|
|
col_item = &cinfo->columns[i];
|
|
|
|
|
if (col_item->fmt_matx[col]) {
|
|
|
|
|
col_item->writable = writable;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2001-04-01 07:32:35 +00:00
|
|
|
}
|
|
|
|
|
|
2009-09-06 09:03:15 +00:00
|
|
|
/* Checks to see if a particular packet information element is needed for the packet list */
|
|
|
|
|
#define CHECK_COL(cinfo, el) \
|
|
|
|
|
/* We are constructing columns, and they're writable */ \
|
2016-06-14 15:55:08 +00:00
|
|
|
(col_get_writable(cinfo, el) && \
|
2009-09-06 09:03:15 +00:00
|
|
|
/* There is at least one column in that format */ \
|
|
|
|
|
((cinfo)->col_first[el] >= 0))
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2003-04-16 04:52:55 +00:00
|
|
|
/* Sets the fence for a column to be at the end of the column. */
|
|
|
|
|
void
|
2010-04-03 18:18:50 +00:00
|
|
|
col_set_fence(column_info *cinfo, const gint el)
|
2003-04-16 04:52:55 +00:00
|
|
|
{
|
|
|
|
|
int i;
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2009-09-06 09:03:15 +00:00
|
|
|
if (!CHECK_COL(cinfo, el))
|
2009-03-20 12:41:03 +00:00
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
for (i = cinfo->col_first[el]; i <= cinfo->col_last[el]; i++) {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item = &cinfo->columns[i];
|
|
|
|
|
if (col_item->fmt_matx[el]) {
|
|
|
|
|
col_item->col_fence = (int)strlen(col_item->col_data);
|
2003-04-16 04:52:55 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2013-12-18 14:18:45 +00:00
|
|
|
/* Clear the fence for a column. */
|
|
|
|
|
void
|
|
|
|
|
col_clear_fence(column_info *cinfo, const gint el)
|
|
|
|
|
{
|
|
|
|
|
int i;
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item;
|
2013-12-18 14:18:45 +00:00
|
|
|
|
|
|
|
|
if (!CHECK_COL(cinfo, el))
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
for (i = cinfo->col_first[el]; i <= cinfo->col_last[el]; i++) {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item = &cinfo->columns[i];
|
|
|
|
|
if (col_item->fmt_matx[el]) {
|
|
|
|
|
col_item->col_fence = 0;
|
2013-12-18 14:18:45 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2013-02-25 20:43:06 +00:00
|
|
|
/* Gets the text of a column */
|
|
|
|
|
const gchar *
|
|
|
|
|
col_get_text(column_info *cinfo, const gint el)
|
|
|
|
|
{
|
|
|
|
|
int i;
|
|
|
|
|
const gchar* text = NULL;
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item;
|
2013-02-25 20:43:06 +00:00
|
|
|
|
|
|
|
|
if (!(cinfo && (cinfo)->col_first[el] >= 0)) {
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for (i = cinfo->col_first[el]; i <= cinfo->col_last[el]; i++) {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item = &cinfo->columns[i];
|
|
|
|
|
if (col_item->fmt_matx[el]) {
|
|
|
|
|
text = (col_item->col_data);
|
2013-02-25 20:43:06 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return text;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2001-04-01 07:32:35 +00:00
|
|
|
/* Use this to clear out a column, especially if you're going to be
|
|
|
|
|
appending to it later; at least on some platforms, it's more
|
|
|
|
|
efficient than using "col_add_str()" with a null string, and
|
|
|
|
|
more efficient than "col_set_str()" with a null string if you
|
|
|
|
|
later append to it, as the later append will cause a string
|
|
|
|
|
copy to be done. */
|
|
|
|
|
void
|
2010-04-03 18:18:50 +00:00
|
|
|
col_clear(column_info *cinfo, const gint el)
|
2003-04-16 04:52:55 +00:00
|
|
|
{
|
2001-04-01 07:32:35 +00:00
|
|
|
int i;
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2009-09-06 09:03:15 +00:00
|
|
|
if (!CHECK_COL(cinfo, el))
|
2009-03-20 12:41:03 +00:00
|
|
|
return;
|
|
|
|
|
|
2003-12-02 23:14:32 +00:00
|
|
|
for (i = cinfo->col_first[el]; i <= cinfo->col_last[el]; i++) {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item = &cinfo->columns[i];
|
|
|
|
|
if (col_item->fmt_matx[el]) {
|
2003-04-16 04:52:55 +00:00
|
|
|
/*
|
|
|
|
|
* At this point, either
|
|
|
|
|
*
|
|
|
|
|
* 1) col_data[i] is equal to col_buf[i], in which case we
|
|
|
|
|
* don't have to worry about copying col_data[i] to
|
|
|
|
|
* col_buf[i];
|
|
|
|
|
*
|
|
|
|
|
* 2) col_data[i] isn't equal to col_buf[i], in which case
|
|
|
|
|
* the only thing that's been done to the column is
|
|
|
|
|
* "col_set_str()" calls and possibly "col_set_fence()"
|
|
|
|
|
* calls, in which case the fence is either unset and
|
|
|
|
|
* at the beginning of the string or set and at the end
|
|
|
|
|
* of the string - if it's at the beginning, we're just
|
|
|
|
|
* going to clear the column, and if it's at the end,
|
|
|
|
|
* we don't do anything.
|
|
|
|
|
*/
|
2015-06-27 03:00:33 +00:00
|
|
|
if (col_item->col_buf == col_item->col_data || col_item->col_fence == 0) {
|
2003-04-16 04:52:55 +00:00
|
|
|
/*
|
|
|
|
|
* The fence isn't at the end of the column, or the column wasn't
|
|
|
|
|
* last set with "col_set_str()", so clear the column out.
|
|
|
|
|
*/
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item->col_buf[col_item->col_fence] = '\0';
|
|
|
|
|
col_item->col_data = col_item->col_buf;
|
2003-04-16 04:52:55 +00:00
|
|
|
}
|
2009-08-19 07:55:11 +00:00
|
|
|
cinfo->col_expr.col_expr[i] = "";
|
2008-03-01 05:16:45 +00:00
|
|
|
cinfo->col_expr.col_expr_val[i][0] = '\0';
|
2001-04-01 07:32:35 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2015-06-27 03:00:33 +00:00
|
|
|
#define COL_CHECK_APPEND(col_item, max_len) \
|
|
|
|
|
if (col_item->col_data != col_item->col_buf) { \
|
2009-08-22 19:29:44 +00:00
|
|
|
/* This was set with "col_set_str()"; copy the string they \
|
|
|
|
|
set it to into the buffer, so we can append to it. */ \
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(col_item->col_buf, col_item->col_data, max_len); \
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item->col_data = col_item->col_buf; \
|
2003-04-16 04:52:55 +00:00
|
|
|
}
|
|
|
|
|
|
2009-09-08 15:55:10 +00:00
|
|
|
#define COL_CHECK_REF_TIME(fd, buf) \
|
2018-12-27 02:26:24 +00:00
|
|
|
if (fd->ref_time) { \
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(buf, "*REF*", COL_MAX_LEN ); \
|
2009-09-08 15:55:10 +00:00
|
|
|
return; \
|
2005-08-31 21:38:08 +00:00
|
|
|
}
|
|
|
|
|
|
2009-09-06 09:11:17 +00:00
|
|
|
/* The same as CHECK_COL(), but without the check to see if the column is writable. */
|
|
|
|
|
#define HAVE_CUSTOM_COLS(cinfo) ((cinfo) && (cinfo)->col_first[COL_CUSTOM] >= 0)
|
|
|
|
|
|
|
|
|
|
gboolean
|
|
|
|
|
have_custom_cols(column_info *cinfo)
|
|
|
|
|
{
|
|
|
|
|
return HAVE_CUSTOM_COLS(cinfo);
|
|
|
|
|
}
|
|
|
|
|
|
2016-02-03 22:10:40 +00:00
|
|
|
gboolean
|
|
|
|
|
have_field_extractors(void)
|
|
|
|
|
{
|
|
|
|
|
#ifdef HAVE_LUA
|
|
|
|
|
return wslua_has_field_extractors();
|
|
|
|
|
#else
|
|
|
|
|
return FALSE;
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
2009-08-25 21:10:35 +00:00
|
|
|
/* search in edt tree custom fields */
|
|
|
|
|
void col_custom_set_edt(epan_dissect_t *edt, column_info *cinfo)
|
|
|
|
|
{
|
|
|
|
|
int i;
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item;
|
2009-08-25 21:10:35 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
if (!HAVE_CUSTOM_COLS(cinfo))
|
2009-08-25 21:10:35 +00:00
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
for (i = cinfo->col_first[COL_CUSTOM];
|
|
|
|
|
i <= cinfo->col_last[COL_CUSTOM]; i++) {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item = &cinfo->columns[i];
|
|
|
|
|
if (col_item->fmt_matx[COL_CUSTOM] &&
|
2015-12-11 08:34:08 +00:00
|
|
|
col_item->col_custom_fields &&
|
|
|
|
|
col_item->col_custom_fields_ids) {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item->col_data = col_item->col_buf;
|
2015-12-11 08:34:08 +00:00
|
|
|
cinfo->col_expr.col_expr[i] = epan_custom_set(edt, col_item->col_custom_fields_ids,
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item->col_custom_occurrence,
|
|
|
|
|
col_item->col_buf,
|
2009-09-06 09:03:15 +00:00
|
|
|
cinfo->col_expr.col_expr_val[i],
|
2009-08-25 21:10:35 +00:00
|
|
|
COL_MAX_LEN);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
epan: Register dynamic column fields and make them filterable
Make the text of each registered column a FT_STRING field that can be
filtered, prefixed with _ws.col - these work in display filters, filters
in taps, coloring rules, Wireshark read filters, and in the -Y, -R, -e,
and -j options to tshark. Use them as the default "Apply as Filter" value
for the columns that aren't handled by anything else currently.
Because only the columns formats that actually correspond to columns
get filled in (invisible columns work), register and deregister the
fields when the columns change.
Use the lower case version of the rest of the COL_* define for each
column as the field name.
This adds a number of conditions to "when are the columns needed",
including when the main display filter or any filter on a tap is
using one of these fields.
Custom columns are currently not implemented. For custom columns, the
tree then has to be further primed with any fields used by the custom
columns as well. (Perhaps that should happen in epan_dissect_run() -
are there any cases where we construct the columns and don't want to
prime with any field that custom columns contains? Possibly in taps
that we know only use build in columns.)
Thus, for performance reasons, you're better off matching an ordinary
field if possible; it takes extra time to generate the columns and many
of them are numeric types. (Note that you can always convert a non-string
field to a string field if you want regex matching, consult the
*wireshark-filter(4)* man page.) It does save a bit on typing (especially
for a multifield custom column) and remembering the column title might
be easier in some cases.
The columns are set before the color filters, which means that you
can have a color filter that depends on a built-in column like Info or
Protocol.
Remove the special handling for the -e option to tshark. Note that
the behavior is a little different now, because fixed field names
are used instead of the titles (using the titles allowed illegal
filter names, because it wasn't going through the filter engine.)
For default names, this means that they're no longer capitalized,
so "_ws.col.info" instead of "_ws.col.Info" - hopefully a small
price in exchange for the filters working everywhere.
The output format for -T fields remains the same; all that special
handling is removed (except for remembering if someone asked for
a column field to know that columns should be constructed.)
They're also set before the postdissectors, so postdissectors can
have access.
Anything that depends on whether a packet and previous packets are
displayed (COL_DELTA_TIME_DIS or COL_CUMULATIVE_BYTES) doesn't work
the way most people expect, so don't register fields for those.
(The same is already true of color filters that use those, along with
color filters that use the color filter fields.)
Fix #16576. Fix #17971. Fix #4684. Fix #13491. Fix #13941.
2023-05-01 12:02:18 +00:00
|
|
|
#if 0
|
|
|
|
|
// Needed if we create _ws.col.custom
|
|
|
|
|
static void
|
|
|
|
|
col_custom_set(proto_tree *tree, column_info *cinfo)
|
|
|
|
|
{
|
|
|
|
|
int i;
|
|
|
|
|
col_item_t* col_item;
|
|
|
|
|
|
|
|
|
|
if (!HAVE_CUSTOM_COLS(cinfo))
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
for (i = cinfo->col_first[COL_CUSTOM];
|
|
|
|
|
i <= cinfo->col_last[COL_CUSTOM]; i++) {
|
|
|
|
|
col_item = &cinfo->columns[i];
|
|
|
|
|
if (col_item->fmt_matx[COL_CUSTOM] &&
|
|
|
|
|
col_item->col_custom_fields &&
|
|
|
|
|
col_item->col_custom_fields_ids) {
|
|
|
|
|
col_item->col_data = col_item->col_buf;
|
|
|
|
|
cinfo->col_expr.col_expr[i] = proto_custom_set(tree, col_item->col_custom_fields_ids,
|
|
|
|
|
col_item->col_custom_occurrence,
|
|
|
|
|
col_item->col_buf,
|
|
|
|
|
cinfo->col_expr.col_expr_val[i],
|
|
|
|
|
COL_MAX_LEN);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
2008-02-13 05:05:33 +00:00
|
|
|
void
|
|
|
|
|
col_custom_prime_edt(epan_dissect_t *edt, column_info *cinfo)
|
|
|
|
|
{
|
|
|
|
|
int i;
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item;
|
2008-02-13 05:05:33 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
if (!HAVE_CUSTOM_COLS(cinfo))
|
|
|
|
|
return;
|
2008-02-13 05:05:33 +00:00
|
|
|
|
|
|
|
|
for (i = cinfo->col_first[COL_CUSTOM];
|
|
|
|
|
i <= cinfo->col_last[COL_CUSTOM]; i++) {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item = &cinfo->columns[i];
|
2009-09-08 10:33:15 +00:00
|
|
|
|
2015-06-27 03:00:33 +00:00
|
|
|
if (col_item->fmt_matx[COL_CUSTOM] &&
|
|
|
|
|
col_item->col_custom_dfilter) {
|
2017-04-12 04:56:14 +00:00
|
|
|
epan_dissect_prime_with_dfilter(edt, col_item->col_custom_dfilter);
|
2009-09-11 14:00:36 +00:00
|
|
|
}
|
2008-02-13 05:05:33 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-11-02 13:11:30 +00:00
|
|
|
char*
|
|
|
|
|
col_custom_get_filter(epan_dissect_t *edt, column_info *cinfo, const gint col)
|
|
|
|
|
{
|
|
|
|
|
col_item_t* col_item;
|
|
|
|
|
|
|
|
|
|
ws_assert(cinfo);
|
|
|
|
|
ws_assert(col < cinfo->num_cols);
|
|
|
|
|
|
|
|
|
|
col_item = &cinfo->columns[col];
|
|
|
|
|
if (col_item->fmt_matx[COL_CUSTOM] &&
|
|
|
|
|
col_item->col_custom_fields &&
|
|
|
|
|
col_item->col_custom_fields_ids) {
|
|
|
|
|
|
|
|
|
|
return proto_custom_get_filter(edt, col_item->col_custom_fields_ids,
|
|
|
|
|
col_item->col_custom_occurrence);
|
|
|
|
|
}
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2014-06-21 21:06:54 +00:00
|
|
|
void
|
2014-12-05 21:04:59 +00:00
|
|
|
col_append_lstr(column_info *cinfo, const gint el, const gchar *str1, ...)
|
2014-06-21 21:06:54 +00:00
|
|
|
{
|
|
|
|
|
va_list ap;
|
|
|
|
|
size_t pos, max_len;
|
|
|
|
|
int i;
|
2014-12-05 21:04:59 +00:00
|
|
|
const gchar *str;
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item;
|
2014-06-21 21:06:54 +00:00
|
|
|
|
|
|
|
|
if (!CHECK_COL(cinfo, el))
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
if (el == COL_INFO)
|
|
|
|
|
max_len = COL_MAX_INFO_LEN;
|
|
|
|
|
else
|
|
|
|
|
max_len = COL_MAX_LEN;
|
|
|
|
|
|
|
|
|
|
for (i = cinfo->col_first[el]; i <= cinfo->col_last[el]; i++) {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item = &cinfo->columns[i];
|
|
|
|
|
if (col_item->fmt_matx[el]) {
|
2014-06-21 21:06:54 +00:00
|
|
|
/*
|
|
|
|
|
* First arrange that we can append, if necessary.
|
|
|
|
|
*/
|
2015-06-27 03:00:33 +00:00
|
|
|
COL_CHECK_APPEND(col_item, max_len);
|
2014-06-21 21:06:54 +00:00
|
|
|
|
2015-06-27 03:00:33 +00:00
|
|
|
pos = strlen(col_item->col_buf);
|
2014-06-21 21:06:54 +00:00
|
|
|
if (pos >= max_len)
|
|
|
|
|
return;
|
|
|
|
|
|
2014-12-05 21:04:59 +00:00
|
|
|
va_start(ap, str1);
|
|
|
|
|
str = str1;
|
2014-06-21 21:06:54 +00:00
|
|
|
do {
|
2022-10-21 12:37:42 +00:00
|
|
|
if (G_UNLIKELY(str == NULL)) {
|
|
|
|
|
str = "(null)";
|
|
|
|
|
}
|
|
|
|
|
WS_UTF_8_CHECK(str, -1);
|
|
|
|
|
pos = ws_label_strcpy(col_item->col_buf, max_len, pos, str, 0);
|
2014-06-21 21:06:54 +00:00
|
|
|
|
|
|
|
|
} while (pos < max_len && (str = va_arg(ap, const char *)) != COL_ADD_LSTR_TERMINATOR);
|
|
|
|
|
va_end(ap);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-04 01:52:10 +00:00
|
|
|
void
|
2015-10-05 12:51:58 +00:00
|
|
|
col_append_str_uint(column_info *cinfo, const gint col, const gchar *abbrev, guint32 val, const gchar *sep)
|
2015-10-04 01:52:10 +00:00
|
|
|
{
|
|
|
|
|
char buf[16];
|
|
|
|
|
|
|
|
|
|
guint32_to_str_buf(val, buf, sizeof(buf));
|
|
|
|
|
col_append_lstr(cinfo, col, sep ? sep : "", abbrev, "=", buf, COL_ADD_LSTR_TERMINATOR);
|
|
|
|
|
}
|
|
|
|
|
|
2016-07-13 18:06:52 +00:00
|
|
|
static inline void
|
2021-02-27 07:17:11 +00:00
|
|
|
col_snprint_port(gchar *buf, size_t buf_siz, port_type typ, guint16 val)
|
2015-10-05 12:51:58 +00:00
|
|
|
{
|
|
|
|
|
const char *str;
|
|
|
|
|
|
|
|
|
|
if (gbl_resolv_flags.transport_name &&
|
|
|
|
|
(str = try_serv_name_lookup(typ, val)) != NULL) {
|
2021-12-16 18:06:18 +00:00
|
|
|
snprintf(buf, buf_siz, "%s(%"PRIu16")", str, val);
|
2015-10-05 12:51:58 +00:00
|
|
|
} else {
|
2021-12-16 18:06:18 +00:00
|
|
|
snprintf(buf, buf_siz, "%"PRIu16, val);
|
2015-10-05 12:51:58 +00:00
|
|
|
}
|
2015-10-15 01:44:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
col_append_ports(column_info *cinfo, const gint col, port_type typ, guint16 src, guint16 dst)
|
|
|
|
|
{
|
|
|
|
|
char buf_src[32], buf_dst[32];
|
|
|
|
|
|
|
|
|
|
col_snprint_port(buf_src, 32, typ, src);
|
|
|
|
|
col_snprint_port(buf_dst, 32, typ, dst);
|
2016-10-07 13:05:15 +00:00
|
|
|
col_append_lstr(cinfo, col, buf_src, " " UTF8_RIGHTWARDS_ARROW " ", buf_dst, COL_ADD_LSTR_TERMINATOR);
|
2015-10-05 12:51:58 +00:00
|
|
|
}
|
|
|
|
|
|
2018-03-08 23:17:58 +00:00
|
|
|
void
|
|
|
|
|
col_append_frame_number(packet_info *pinfo, const gint col, const gchar *fmt_str, guint frame_num)
|
|
|
|
|
{
|
|
|
|
|
col_append_fstr(pinfo->cinfo, col, fmt_str, frame_num);
|
2018-12-27 02:26:24 +00:00
|
|
|
if (!pinfo->fd->visited) {
|
2018-03-08 23:17:58 +00:00
|
|
|
col_data_changed_ = TRUE;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2014-05-05 20:22:29 +00:00
|
|
|
static void
|
|
|
|
|
col_do_append_fstr(column_info *cinfo, const int el, const char *separator, const char *format, va_list ap)
|
2003-04-16 04:52:55 +00:00
|
|
|
{
|
2022-10-28 00:48:00 +00:00
|
|
|
size_t len, max_len, sep_len, pos;
|
2014-05-05 20:22:29 +00:00
|
|
|
int i;
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item;
|
2022-10-21 12:37:42 +00:00
|
|
|
char tmp[COL_BUF_MAX_LEN];
|
2010-07-08 02:54:26 +00:00
|
|
|
|
2014-05-05 20:22:29 +00:00
|
|
|
sep_len = (separator) ? strlen(separator) : 0;
|
2002-08-28 20:41:00 +00:00
|
|
|
|
2001-04-01 07:32:35 +00:00
|
|
|
if (el == COL_INFO)
|
2009-08-22 19:29:44 +00:00
|
|
|
max_len = COL_MAX_INFO_LEN;
|
2001-04-01 07:32:35 +00:00
|
|
|
else
|
2009-08-22 19:29:44 +00:00
|
|
|
max_len = COL_MAX_LEN;
|
2002-08-28 20:41:00 +00:00
|
|
|
|
2003-12-02 23:14:32 +00:00
|
|
|
for (i = cinfo->col_first[el]; i <= cinfo->col_last[el]; i++) {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item = &cinfo->columns[i];
|
|
|
|
|
if (col_item->fmt_matx[el]) {
|
2003-04-16 04:52:55 +00:00
|
|
|
/*
|
|
|
|
|
* First arrange that we can append, if necessary.
|
|
|
|
|
*/
|
2015-06-27 03:00:33 +00:00
|
|
|
COL_CHECK_APPEND(col_item, max_len);
|
2004-08-24 08:20:20 +00:00
|
|
|
|
2015-06-27 03:00:33 +00:00
|
|
|
len = strlen(col_item->col_buf);
|
2004-08-24 08:20:20 +00:00
|
|
|
|
2014-05-05 20:22:29 +00:00
|
|
|
/*
|
|
|
|
|
* If we have a separator, append it if the column isn't empty.
|
|
|
|
|
*/
|
|
|
|
|
if (sep_len != 0 && len != 0) {
|
2022-10-21 12:37:42 +00:00
|
|
|
(void) ws_label_strcat(col_item->col_buf, max_len, separator, 0);
|
2014-05-05 20:22:29 +00:00
|
|
|
len += sep_len;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (len < max_len) {
|
|
|
|
|
va_list ap2;
|
|
|
|
|
|
2021-12-12 11:34:48 +00:00
|
|
|
va_copy(ap2, ap);
|
2022-10-28 00:48:00 +00:00
|
|
|
pos = vsnprintf(tmp, sizeof(tmp), format, ap2);
|
2014-12-29 17:05:09 +00:00
|
|
|
va_end(ap2);
|
2022-10-28 00:48:00 +00:00
|
|
|
if (pos >= max_len) {
|
|
|
|
|
ws_utf8_truncate(tmp, max_len - 1);
|
|
|
|
|
}
|
2022-10-21 12:37:42 +00:00
|
|
|
WS_UTF_8_CHECK(tmp, -1);
|
|
|
|
|
ws_label_strcpy(col_item->col_buf, max_len, len, tmp, 0);
|
2014-05-05 20:22:29 +00:00
|
|
|
}
|
2001-04-01 07:32:35 +00:00
|
|
|
}
|
|
|
|
|
}
|
2014-05-05 20:22:29 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Appends a vararg list to a packet info string. */
|
|
|
|
|
void
|
|
|
|
|
col_append_fstr(column_info *cinfo, const gint el, const gchar *format, ...)
|
|
|
|
|
{
|
|
|
|
|
va_list ap;
|
|
|
|
|
|
|
|
|
|
if (!CHECK_COL(cinfo, el))
|
|
|
|
|
return;
|
2004-08-24 08:20:20 +00:00
|
|
|
|
2014-05-05 20:22:29 +00:00
|
|
|
va_start(ap, format);
|
|
|
|
|
col_do_append_fstr(cinfo, el, NULL, format, ap);
|
|
|
|
|
va_end(ap);
|
2002-01-29 08:44:53 +00:00
|
|
|
}
|
|
|
|
|
|
2010-07-08 02:54:26 +00:00
|
|
|
/* Appends a vararg list to a packet info string.
|
|
|
|
|
* Prefixes it with the given separator if the column is not empty.
|
|
|
|
|
*/
|
2004-02-05 23:57:15 +00:00
|
|
|
void
|
2010-04-03 18:18:50 +00:00
|
|
|
col_append_sep_fstr(column_info *cinfo, const gint el, const gchar *separator,
|
2013-06-25 19:38:15 +00:00
|
|
|
const gchar *format, ...)
|
2004-02-05 23:57:15 +00:00
|
|
|
{
|
|
|
|
|
va_list ap;
|
|
|
|
|
|
2009-09-06 09:03:15 +00:00
|
|
|
if (!CHECK_COL(cinfo, el))
|
2009-03-20 12:41:03 +00:00
|
|
|
return;
|
|
|
|
|
|
2004-08-24 08:20:20 +00:00
|
|
|
if (separator == NULL)
|
|
|
|
|
separator = ", "; /* default */
|
2004-02-05 23:57:15 +00:00
|
|
|
|
2014-05-05 20:22:29 +00:00
|
|
|
va_start(ap, format);
|
|
|
|
|
col_do_append_fstr(cinfo, el, separator, format, ap);
|
|
|
|
|
va_end(ap);
|
2010-07-08 02:54:26 +00:00
|
|
|
}
|
2004-02-05 23:57:15 +00:00
|
|
|
|
2002-01-29 08:44:53 +00:00
|
|
|
/* Prepends a vararg list to a packet info string. */
|
|
|
|
|
void
|
2010-04-03 18:18:50 +00:00
|
|
|
col_prepend_fstr(column_info *cinfo, const gint el, const gchar *format, ...)
|
2002-01-29 08:44:53 +00:00
|
|
|
{
|
2004-12-30 23:42:02 +00:00
|
|
|
va_list ap;
|
|
|
|
|
int i;
|
|
|
|
|
char orig_buf[COL_BUF_MAX_LEN];
|
|
|
|
|
const char *orig;
|
2022-10-28 00:48:00 +00:00
|
|
|
size_t max_len, pos;
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item;
|
2022-10-21 12:37:42 +00:00
|
|
|
char tmp[COL_BUF_MAX_LEN];
|
2002-08-28 20:41:00 +00:00
|
|
|
|
2009-09-06 09:03:15 +00:00
|
|
|
if (!CHECK_COL(cinfo, el))
|
2009-03-20 12:41:03 +00:00
|
|
|
return;
|
|
|
|
|
|
2002-01-29 08:44:53 +00:00
|
|
|
if (el == COL_INFO)
|
2009-08-22 19:29:44 +00:00
|
|
|
max_len = COL_MAX_INFO_LEN;
|
2002-01-29 08:44:53 +00:00
|
|
|
else
|
2009-08-22 19:29:44 +00:00
|
|
|
max_len = COL_MAX_LEN;
|
2002-08-28 20:41:00 +00:00
|
|
|
|
2003-12-02 23:14:32 +00:00
|
|
|
for (i = cinfo->col_first[el]; i <= cinfo->col_last[el]; i++) {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item = &cinfo->columns[i];
|
|
|
|
|
if (col_item->fmt_matx[el]) {
|
|
|
|
|
if (col_item->col_data != col_item->col_buf) {
|
2004-12-30 23:42:02 +00:00
|
|
|
/* This was set with "col_set_str()"; which is effectively const */
|
2015-06-27 03:00:33 +00:00
|
|
|
orig = col_item->col_data;
|
2002-01-29 08:44:53 +00:00
|
|
|
} else {
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(orig_buf, col_item->col_buf, max_len);
|
2002-01-31 00:51:36 +00:00
|
|
|
orig = orig_buf;
|
2002-01-29 08:44:53 +00:00
|
|
|
}
|
2010-05-26 02:01:49 +00:00
|
|
|
va_start(ap, format);
|
2022-10-28 00:48:00 +00:00
|
|
|
pos = vsnprintf(tmp, sizeof(tmp), format, ap);
|
2010-05-26 02:01:49 +00:00
|
|
|
va_end(ap);
|
2022-10-28 00:48:00 +00:00
|
|
|
if (pos >= max_len) {
|
|
|
|
|
ws_utf8_truncate(tmp, max_len - 1);
|
|
|
|
|
}
|
2022-10-21 12:37:42 +00:00
|
|
|
WS_UTF_8_CHECK(tmp, -1);
|
2022-10-28 00:48:00 +00:00
|
|
|
pos = ws_label_strcpy(col_item->col_buf, max_len, 0, tmp, 0);
|
2003-04-16 04:52:55 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Move the fence, unless it's at the beginning of the string.
|
|
|
|
|
*/
|
2015-06-27 03:00:33 +00:00
|
|
|
if (col_item->col_fence > 0)
|
|
|
|
|
col_item->col_fence += (int) strlen(col_item->col_buf);
|
2003-04-16 04:52:55 +00:00
|
|
|
|
2022-10-28 00:48:00 +00:00
|
|
|
/*
|
|
|
|
|
* Append the original data.
|
|
|
|
|
*/
|
|
|
|
|
ws_label_strcpy(col_item->col_buf, max_len, pos, orig, 0);
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item->col_data = col_item->col_buf;
|
2002-01-29 08:44:53 +00:00
|
|
|
}
|
|
|
|
|
}
|
2001-04-01 07:32:35 +00:00
|
|
|
}
|
2005-10-04 13:34:52 +00:00
|
|
|
void
|
2010-04-03 18:18:50 +00:00
|
|
|
col_prepend_fence_fstr(column_info *cinfo, const gint el, const gchar *format, ...)
|
2005-10-04 13:34:52 +00:00
|
|
|
{
|
|
|
|
|
va_list ap;
|
|
|
|
|
int i;
|
|
|
|
|
char orig_buf[COL_BUF_MAX_LEN];
|
|
|
|
|
const char *orig;
|
2022-10-28 00:48:00 +00:00
|
|
|
size_t max_len, pos;
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item;
|
2022-10-21 12:37:42 +00:00
|
|
|
char tmp[COL_BUF_MAX_LEN];
|
2005-10-04 13:34:52 +00:00
|
|
|
|
2009-09-06 09:03:15 +00:00
|
|
|
if (!CHECK_COL(cinfo, el))
|
2009-03-20 12:41:03 +00:00
|
|
|
return;
|
|
|
|
|
|
2005-10-04 13:34:52 +00:00
|
|
|
if (el == COL_INFO)
|
2009-08-22 19:29:44 +00:00
|
|
|
max_len = COL_MAX_INFO_LEN;
|
2005-10-04 13:34:52 +00:00
|
|
|
else
|
2009-08-22 19:29:44 +00:00
|
|
|
max_len = COL_MAX_LEN;
|
2005-10-04 13:34:52 +00:00
|
|
|
|
|
|
|
|
for (i = cinfo->col_first[el]; i <= cinfo->col_last[el]; i++) {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item = &cinfo->columns[i];
|
|
|
|
|
if (col_item->fmt_matx[el]) {
|
|
|
|
|
if (col_item->col_data != col_item->col_buf) {
|
2005-10-04 13:34:52 +00:00
|
|
|
/* This was set with "col_set_str()"; which is effectively const */
|
2015-06-27 03:00:33 +00:00
|
|
|
orig = col_item->col_data;
|
2005-10-04 13:34:52 +00:00
|
|
|
} else {
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(orig_buf, col_item->col_buf, max_len);
|
2005-10-04 13:34:52 +00:00
|
|
|
orig = orig_buf;
|
|
|
|
|
}
|
2010-05-26 02:01:49 +00:00
|
|
|
va_start(ap, format);
|
2022-10-28 00:48:00 +00:00
|
|
|
pos = vsnprintf(tmp, sizeof(tmp), format, ap);
|
2010-05-26 02:01:49 +00:00
|
|
|
va_end(ap);
|
2022-10-28 00:48:00 +00:00
|
|
|
if (pos >= max_len) {
|
|
|
|
|
ws_utf8_truncate(tmp, max_len - 1);
|
|
|
|
|
}
|
2022-10-21 12:37:42 +00:00
|
|
|
WS_UTF_8_CHECK(tmp, -1);
|
2022-10-28 00:48:00 +00:00
|
|
|
pos = ws_label_strcpy(col_item->col_buf, max_len, 0, tmp, 0);
|
2005-10-04 13:34:52 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Move the fence if it exists, else create a new fence at the
|
|
|
|
|
* end of the prepended data.
|
|
|
|
|
*/
|
2015-06-27 03:00:33 +00:00
|
|
|
if (col_item->col_fence > 0) {
|
|
|
|
|
col_item->col_fence += (int) strlen(col_item->col_buf);
|
2005-10-04 13:34:52 +00:00
|
|
|
} else {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item->col_fence = (int) strlen(col_item->col_buf);
|
2005-10-04 13:34:52 +00:00
|
|
|
}
|
2022-10-28 00:48:00 +00:00
|
|
|
/*
|
|
|
|
|
* Append the original data.
|
|
|
|
|
*/
|
|
|
|
|
ws_label_strcpy(col_item->col_buf, max_len, pos, orig, 0);
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item->col_data = col_item->col_buf;
|
2005-10-04 13:34:52 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2001-04-01 07:32:35 +00:00
|
|
|
|
|
|
|
|
/* Use this if "str" points to something that won't stay around (and
|
|
|
|
|
must thus be copied). */
|
|
|
|
|
void
|
2010-04-03 18:18:50 +00:00
|
|
|
col_add_str(column_info *cinfo, const gint el, const gchar* str)
|
2003-04-16 04:52:55 +00:00
|
|
|
{
|
2001-04-01 07:32:35 +00:00
|
|
|
int i;
|
|
|
|
|
size_t max_len;
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2009-09-06 09:03:15 +00:00
|
|
|
if (!CHECK_COL(cinfo, el))
|
2009-03-20 12:41:03 +00:00
|
|
|
return;
|
|
|
|
|
|
2001-04-01 07:32:35 +00:00
|
|
|
if (el == COL_INFO)
|
2009-08-22 19:29:44 +00:00
|
|
|
max_len = COL_MAX_INFO_LEN;
|
2001-04-01 07:32:35 +00:00
|
|
|
else
|
2009-08-22 19:29:44 +00:00
|
|
|
max_len = COL_MAX_LEN;
|
2002-08-28 20:41:00 +00:00
|
|
|
|
2003-12-02 23:14:32 +00:00
|
|
|
for (i = cinfo->col_first[el]; i <= cinfo->col_last[el]; i++) {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item = &cinfo->columns[i];
|
|
|
|
|
if (col_item->fmt_matx[el]) {
|
|
|
|
|
if (col_item->col_fence != 0) {
|
2003-04-16 04:52:55 +00:00
|
|
|
/*
|
|
|
|
|
* We will append the string after the fence.
|
|
|
|
|
* First arrange that we can append, if necessary.
|
|
|
|
|
*/
|
2015-06-27 03:00:33 +00:00
|
|
|
COL_CHECK_APPEND(col_item, max_len);
|
2003-04-16 04:52:55 +00:00
|
|
|
} else {
|
|
|
|
|
/*
|
|
|
|
|
* There's no fence, so we can just write to the string.
|
|
|
|
|
*/
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item->col_data = col_item->col_buf;
|
2003-04-16 04:52:55 +00:00
|
|
|
}
|
2022-10-21 12:37:42 +00:00
|
|
|
WS_UTF_8_CHECK(str, -1);
|
|
|
|
|
(void) ws_label_strcpy(col_item->col_buf, max_len, col_item->col_fence, str, 0);
|
2001-04-01 07:32:35 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2009-09-22 21:08:48 +00:00
|
|
|
/* Use this if "str" points to something that will stay around (and thus
|
|
|
|
|
needn't be copied). */
|
|
|
|
|
void
|
2010-04-03 18:18:50 +00:00
|
|
|
col_set_str(column_info *cinfo, const gint el, const gchar* str)
|
2009-09-22 21:08:48 +00:00
|
|
|
{
|
|
|
|
|
int i;
|
|
|
|
|
size_t max_len;
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item;
|
2009-09-22 21:08:48 +00:00
|
|
|
|
|
|
|
|
DISSECTOR_ASSERT(str);
|
|
|
|
|
|
|
|
|
|
if (!CHECK_COL(cinfo, el))
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
if (el == COL_INFO)
|
|
|
|
|
max_len = COL_MAX_INFO_LEN;
|
|
|
|
|
else
|
|
|
|
|
max_len = COL_MAX_LEN;
|
|
|
|
|
|
|
|
|
|
for (i = cinfo->col_first[el]; i <= cinfo->col_last[el]; i++) {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item = &cinfo->columns[i];
|
|
|
|
|
if (col_item->fmt_matx[el]) {
|
|
|
|
|
if (col_item->col_fence != 0) {
|
2009-09-22 21:08:48 +00:00
|
|
|
/*
|
|
|
|
|
* We will append the string after the fence.
|
|
|
|
|
* First arrange that we can append, if necessary.
|
|
|
|
|
*/
|
2015-06-27 03:00:33 +00:00
|
|
|
COL_CHECK_APPEND(col_item, max_len);
|
2009-09-22 21:08:48 +00:00
|
|
|
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(&col_item->col_buf[col_item->col_fence], str, max_len - col_item->col_fence);
|
2009-09-22 21:08:48 +00:00
|
|
|
} else {
|
|
|
|
|
/*
|
|
|
|
|
* There's no fence, so we can just set the column to point
|
|
|
|
|
* to the string.
|
|
|
|
|
*/
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item->col_data = str;
|
2009-09-22 21:08:48 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2014-05-13 23:56:23 +00:00
|
|
|
void
|
2014-12-05 21:04:59 +00:00
|
|
|
col_add_lstr(column_info *cinfo, const gint el, const gchar *str1, ...)
|
2014-05-13 23:56:23 +00:00
|
|
|
{
|
|
|
|
|
va_list ap;
|
|
|
|
|
int i;
|
2014-05-17 22:28:30 +00:00
|
|
|
gsize pos;
|
|
|
|
|
gsize max_len;
|
2014-12-05 21:04:59 +00:00
|
|
|
const gchar *str;
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item;
|
2014-05-13 23:56:23 +00:00
|
|
|
|
|
|
|
|
if (!CHECK_COL(cinfo, el))
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
if (el == COL_INFO)
|
|
|
|
|
max_len = COL_MAX_INFO_LEN;
|
|
|
|
|
else
|
|
|
|
|
max_len = COL_MAX_LEN;
|
|
|
|
|
|
|
|
|
|
for (i = cinfo->col_first[el]; i <= cinfo->col_last[el]; i++) {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item = &cinfo->columns[i];
|
|
|
|
|
if (col_item->fmt_matx[el]) {
|
|
|
|
|
pos = col_item->col_fence;
|
2014-05-13 23:56:23 +00:00
|
|
|
if (pos != 0) {
|
|
|
|
|
/*
|
|
|
|
|
* We will append the string after the fence.
|
|
|
|
|
* First arrange that we can append, if necessary.
|
|
|
|
|
*/
|
2015-06-27 03:00:33 +00:00
|
|
|
COL_CHECK_APPEND(col_item, max_len);
|
2014-05-13 23:56:23 +00:00
|
|
|
} else {
|
|
|
|
|
/*
|
|
|
|
|
* There's no fence, so we can just write to the string.
|
|
|
|
|
*/
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item->col_data = col_item->col_buf;
|
2014-05-13 23:56:23 +00:00
|
|
|
}
|
|
|
|
|
|
2014-12-05 21:04:59 +00:00
|
|
|
va_start(ap, str1);
|
2014-12-05 21:14:31 +00:00
|
|
|
str = str1;
|
2014-05-13 23:56:23 +00:00
|
|
|
do {
|
2022-10-21 12:37:42 +00:00
|
|
|
if (G_UNLIKELY(str == NULL)) {
|
|
|
|
|
str = "(null)";
|
|
|
|
|
}
|
|
|
|
|
WS_UTF_8_CHECK(str, -1);
|
|
|
|
|
pos = ws_label_strcpy(col_item->col_buf, max_len, pos, str, 0);
|
2014-05-13 23:56:23 +00:00
|
|
|
|
|
|
|
|
} while (pos < max_len && (str = va_arg(ap, const char *)) != COL_ADD_LSTR_TERMINATOR);
|
|
|
|
|
va_end(ap);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2009-09-22 21:08:48 +00:00
|
|
|
/* Adds a vararg list to a packet info string. */
|
|
|
|
|
void
|
2014-05-13 23:56:23 +00:00
|
|
|
col_add_fstr(column_info *cinfo, const gint el, const gchar *format, ...)
|
|
|
|
|
{
|
2009-09-22 21:08:48 +00:00
|
|
|
va_list ap;
|
2022-10-28 00:48:00 +00:00
|
|
|
int i, pos;
|
2009-09-22 21:08:48 +00:00
|
|
|
int max_len;
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item;
|
2022-10-21 12:37:42 +00:00
|
|
|
char tmp[COL_BUF_MAX_LEN];
|
2009-09-22 21:08:48 +00:00
|
|
|
|
|
|
|
|
if (!CHECK_COL(cinfo, el))
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
if (el == COL_INFO)
|
|
|
|
|
max_len = COL_MAX_INFO_LEN;
|
|
|
|
|
else
|
|
|
|
|
max_len = COL_MAX_LEN;
|
|
|
|
|
|
|
|
|
|
for (i = cinfo->col_first[el]; i <= cinfo->col_last[el]; i++) {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item = &cinfo->columns[i];
|
|
|
|
|
if (col_item->fmt_matx[el]) {
|
|
|
|
|
if (col_item->col_fence != 0) {
|
2009-09-22 21:08:48 +00:00
|
|
|
/*
|
|
|
|
|
* We will append the string after the fence.
|
|
|
|
|
* First arrange that we can append, if necessary.
|
|
|
|
|
*/
|
2015-06-27 03:00:33 +00:00
|
|
|
COL_CHECK_APPEND(col_item, max_len);
|
2009-09-22 21:08:48 +00:00
|
|
|
} else {
|
|
|
|
|
/*
|
|
|
|
|
* There's no fence, so we can just write to the string.
|
|
|
|
|
*/
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item->col_data = col_item->col_buf;
|
2009-09-22 21:08:48 +00:00
|
|
|
}
|
2010-05-26 02:01:49 +00:00
|
|
|
va_start(ap, format);
|
2022-10-28 00:48:00 +00:00
|
|
|
pos = vsnprintf(tmp, sizeof(tmp), format, ap);
|
2010-05-26 02:01:49 +00:00
|
|
|
va_end(ap);
|
2022-10-28 00:48:00 +00:00
|
|
|
if (pos >= max_len) {
|
|
|
|
|
ws_utf8_truncate(tmp, max_len - 1);
|
|
|
|
|
}
|
2022-10-21 12:37:42 +00:00
|
|
|
WS_UTF_8_CHECK(tmp, -1);
|
|
|
|
|
ws_label_strcpy(col_item->col_buf, max_len, col_item->col_fence, tmp, 0);
|
2009-09-22 21:08:48 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2004-08-24 08:20:20 +00:00
|
|
|
static void
|
2010-04-03 18:18:50 +00:00
|
|
|
col_do_append_str(column_info *cinfo, const gint el, const gchar* separator,
|
2004-08-24 08:20:20 +00:00
|
|
|
const gchar* str)
|
2003-04-16 04:52:55 +00:00
|
|
|
{
|
2001-04-01 07:32:35 +00:00
|
|
|
int i;
|
2009-09-29 19:19:40 +00:00
|
|
|
size_t len, max_len;
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
|
|
|
|
if (el == COL_INFO)
|
2009-08-22 19:29:44 +00:00
|
|
|
max_len = COL_MAX_INFO_LEN;
|
2001-04-01 07:32:35 +00:00
|
|
|
else
|
2009-08-22 19:29:44 +00:00
|
|
|
max_len = COL_MAX_LEN;
|
2002-08-28 20:41:00 +00:00
|
|
|
|
2003-12-02 23:14:32 +00:00
|
|
|
for (i = cinfo->col_first[el]; i <= cinfo->col_last[el]; i++) {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item = &cinfo->columns[i];
|
|
|
|
|
if (col_item->fmt_matx[el]) {
|
2003-04-16 04:52:55 +00:00
|
|
|
/*
|
|
|
|
|
* First arrange that we can append, if necessary.
|
|
|
|
|
*/
|
2015-06-27 03:00:33 +00:00
|
|
|
COL_CHECK_APPEND(col_item, max_len);
|
2004-08-24 08:20:20 +00:00
|
|
|
|
2015-06-27 03:00:33 +00:00
|
|
|
len = col_item->col_buf[0];
|
2004-08-24 08:20:20 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* If we have a separator, append it if the column isn't empty.
|
|
|
|
|
*/
|
|
|
|
|
if (separator != NULL) {
|
|
|
|
|
if (len != 0) {
|
2022-10-21 12:37:42 +00:00
|
|
|
(void) ws_label_strcat(col_item->col_buf, max_len, separator, 0);
|
2004-08-24 08:20:20 +00:00
|
|
|
}
|
|
|
|
|
}
|
2022-10-21 12:37:42 +00:00
|
|
|
WS_UTF_8_CHECK(str, -1);
|
|
|
|
|
(void) ws_label_strcat(col_item->col_buf, max_len, str, 0);
|
2001-04-01 07:32:35 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2004-08-24 08:20:20 +00:00
|
|
|
void
|
2010-04-03 18:18:50 +00:00
|
|
|
col_append_str(column_info *cinfo, const gint el, const gchar* str)
|
2004-08-24 08:20:20 +00:00
|
|
|
{
|
2009-09-11 14:00:36 +00:00
|
|
|
if (!CHECK_COL(cinfo, el))
|
|
|
|
|
return;
|
|
|
|
|
|
2004-08-24 08:20:20 +00:00
|
|
|
col_do_append_str(cinfo, el, NULL, str);
|
|
|
|
|
}
|
|
|
|
|
|
2004-02-05 23:57:15 +00:00
|
|
|
void
|
2010-04-03 18:18:50 +00:00
|
|
|
col_append_sep_str(column_info *cinfo, const gint el, const gchar* separator,
|
2004-02-05 23:57:15 +00:00
|
|
|
const gchar* str)
|
|
|
|
|
{
|
2009-09-11 14:00:36 +00:00
|
|
|
if (!CHECK_COL(cinfo, el))
|
|
|
|
|
return;
|
|
|
|
|
|
2004-08-24 08:20:20 +00:00
|
|
|
if (separator == NULL)
|
|
|
|
|
separator = ", "; /* default */
|
2009-09-20 12:09:25 +00:00
|
|
|
|
2004-08-24 08:20:20 +00:00
|
|
|
col_do_append_str(cinfo, el, separator, str);
|
2004-02-05 23:57:15 +00:00
|
|
|
}
|
|
|
|
|
|
2009-08-19 07:55:11 +00:00
|
|
|
/* --------------------------------- */
|
2009-09-22 21:08:48 +00:00
|
|
|
gboolean
|
2010-04-03 18:18:50 +00:00
|
|
|
col_has_time_fmt(column_info *cinfo, const gint col)
|
2009-09-22 21:08:48 +00:00
|
|
|
{
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item = &cinfo->columns[col];
|
|
|
|
|
return ((col_item->fmt_matx[COL_CLS_TIME]) ||
|
|
|
|
|
(col_item->fmt_matx[COL_ABS_TIME]) ||
|
|
|
|
|
(col_item->fmt_matx[COL_ABS_YMD_TIME]) ||
|
|
|
|
|
(col_item->fmt_matx[COL_ABS_YDOY_TIME]) ||
|
|
|
|
|
(col_item->fmt_matx[COL_UTC_TIME]) ||
|
|
|
|
|
(col_item->fmt_matx[COL_UTC_YMD_TIME]) ||
|
|
|
|
|
(col_item->fmt_matx[COL_UTC_YDOY_TIME]) ||
|
|
|
|
|
(col_item->fmt_matx[COL_REL_TIME]) ||
|
|
|
|
|
(col_item->fmt_matx[COL_DELTA_TIME]) ||
|
|
|
|
|
(col_item->fmt_matx[COL_DELTA_TIME_DIS]));
|
2009-09-22 21:08:48 +00:00
|
|
|
}
|
|
|
|
|
|
2023-09-12 19:27:50 +00:00
|
|
|
static int
|
|
|
|
|
get_frame_timestamp_precision(const frame_data *fd)
|
2001-04-01 07:32:35 +00:00
|
|
|
{
|
2014-09-28 18:37:06 +00:00
|
|
|
int tsprecision;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
Add a routine to format an nstime as an ISO 8601-style date/time.
This replaces code in both absolute_time_string(), in capinfos, and
set_abs_ymd_time(), in libwireshark. Like absolute_time_string(), it
reports, in the formatted string, an error if the seconds value in the
nstime can't be converted to a struct tm (looking at *you*, Visual
Studio C library),
Have that routine handle all time precision values from 0 (seconds) to 9
(nanoseconds).
Add a ws_gmtime_r(), matching ws_localtime_r(), for use by that routine.
2023-09-11 09:21:59 +00:00
|
|
|
tsprecision = timestamp_get_precision();
|
|
|
|
|
if (tsprecision == TS_PREC_AUTO)
|
|
|
|
|
tsprecision = fd->tsprec;
|
|
|
|
|
else if (tsprecision < 0)
|
|
|
|
|
ws_assert_not_reached();
|
2023-09-13 00:53:24 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Time stamp precision values higher than the maximum
|
|
|
|
|
* precision we support can't be handled. Just display
|
|
|
|
|
* those times with the maximum precision we support.
|
|
|
|
|
*/
|
|
|
|
|
if (tsprecision > WS_TSPREC_MAX)
|
|
|
|
|
tsprecision = WS_TSPREC_MAX;
|
|
|
|
|
|
2023-09-12 19:27:50 +00:00
|
|
|
return tsprecision;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
get_default_timestamp_precision(void)
|
|
|
|
|
{
|
|
|
|
|
int tsprecision;
|
|
|
|
|
|
|
|
|
|
tsprecision = timestamp_get_precision();
|
|
|
|
|
if (tsprecision == TS_PREC_AUTO)
|
2023-09-13 00:53:24 +00:00
|
|
|
tsprecision = WS_TSPREC_MAX; /* default to the maximum precision we support */
|
2023-09-12 19:27:50 +00:00
|
|
|
else if (tsprecision < 0)
|
|
|
|
|
ws_assert_not_reached();
|
2023-09-13 00:53:24 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Time stamp precision values higher than the maximum
|
|
|
|
|
* precision we support can't be handled. Just display
|
|
|
|
|
* those times with the maximum precision we support.
|
|
|
|
|
*/
|
|
|
|
|
if (tsprecision > WS_TSPREC_MAX)
|
|
|
|
|
tsprecision = WS_TSPREC_MAX;
|
|
|
|
|
|
2023-09-12 19:27:50 +00:00
|
|
|
return tsprecision;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
set_abs_ymd_time(const frame_data *fd, gchar *buf, char *decimal_point, gboolean local)
|
|
|
|
|
{
|
|
|
|
|
if (!fd->has_ts) {
|
|
|
|
|
buf[0] = '\0';
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
format_nstime_as_iso8601(buf, COL_MAX_LEN, &fd->abs_ts, decimal_point, local, get_frame_timestamp_precision(fd));
|
2001-04-01 07:32:35 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
2013-11-06 20:39:09 +00:00
|
|
|
col_set_abs_ymd_time(const frame_data *fd, column_info *cinfo, const int col)
|
2009-08-19 07:55:11 +00:00
|
|
|
{
|
2017-03-19 14:35:04 +00:00
|
|
|
set_abs_ymd_time(fd, cinfo->columns[col].col_buf, col_decimal_point, TRUE);
|
2011-09-16 14:25:50 +00:00
|
|
|
cinfo->col_expr.col_expr[col] = "frame.time";
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(cinfo->col_expr.col_expr_val[col],cinfo->columns[col].col_buf,COL_MAX_LEN);
|
2011-09-16 14:25:50 +00:00
|
|
|
|
2015-06-27 03:00:33 +00:00
|
|
|
cinfo->columns[col].col_data = cinfo->columns[col].col_buf;
|
2011-07-04 21:43:34 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
2013-11-06 20:39:09 +00:00
|
|
|
col_set_utc_ymd_time(const frame_data *fd, column_info *cinfo, const int col)
|
2011-07-04 21:43:34 +00:00
|
|
|
{
|
2017-03-19 14:35:04 +00:00
|
|
|
set_abs_ymd_time(fd, cinfo->columns[col].col_buf, col_decimal_point, FALSE);
|
2013-11-06 20:39:09 +00:00
|
|
|
cinfo->col_expr.col_expr[col] = "frame.time";
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(cinfo->col_expr.col_expr_val[col],cinfo->columns[col].col_buf,COL_MAX_LEN);
|
2013-11-06 20:39:09 +00:00
|
|
|
|
2015-06-27 03:00:33 +00:00
|
|
|
cinfo->columns[col].col_data = cinfo->columns[col].col_buf;
|
2013-11-06 20:39:09 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
2017-03-19 14:35:04 +00:00
|
|
|
set_abs_ydoy_time(const frame_data *fd, gchar *buf, char *decimal_point, gboolean local)
|
2013-11-06 20:39:09 +00:00
|
|
|
{
|
2023-09-12 19:27:50 +00:00
|
|
|
struct tm tm, *tmp;
|
|
|
|
|
char *ptr;
|
|
|
|
|
size_t remaining;
|
|
|
|
|
int num_bytes;
|
2014-09-28 18:37:06 +00:00
|
|
|
int tsprecision;
|
2013-11-06 20:39:09 +00:00
|
|
|
|
2023-09-12 19:27:50 +00:00
|
|
|
if (!fd->has_ts) {
|
2013-11-06 20:39:09 +00:00
|
|
|
buf[0] = '\0';
|
2023-09-12 19:27:50 +00:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (local)
|
|
|
|
|
tmp = ws_localtime_r(&fd->abs_ts.secs, &tm);
|
|
|
|
|
else
|
|
|
|
|
tmp = ws_gmtime_r(&fd->abs_ts.secs, &tm);
|
|
|
|
|
if (tmp == NULL) {
|
|
|
|
|
snprintf(buf, COL_MAX_LEN, "Not representable");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
ptr = buf;
|
|
|
|
|
remaining = COL_MAX_LEN;
|
|
|
|
|
num_bytes = snprintf(ptr, remaining,"%04d/%03d %02d:%02d:%02d",
|
|
|
|
|
tmp->tm_year + 1900,
|
|
|
|
|
tmp->tm_yday + 1,
|
|
|
|
|
tmp->tm_hour,
|
|
|
|
|
tmp->tm_min,
|
|
|
|
|
tmp->tm_sec);
|
|
|
|
|
if (num_bytes < 0) {
|
|
|
|
|
/*
|
|
|
|
|
* That got an error.
|
|
|
|
|
* Not much else we can do.
|
|
|
|
|
*/
|
|
|
|
|
snprintf(ptr, remaining, "snprintf() failed");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
if ((unsigned int)num_bytes >= remaining) {
|
|
|
|
|
/*
|
|
|
|
|
* That filled up or would have overflowed the buffer.
|
|
|
|
|
* Nothing more we can do.
|
|
|
|
|
*/
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
ptr += num_bytes;
|
|
|
|
|
remaining -= num_bytes;
|
|
|
|
|
|
|
|
|
|
tsprecision = get_frame_timestamp_precision(fd);
|
|
|
|
|
if (tsprecision != 0) {
|
|
|
|
|
/*
|
|
|
|
|
* Append the fractional part.
|
|
|
|
|
* Get the nsecs as a 32-bit unsigned value, as it should never
|
|
|
|
|
* be negative, so we treat it as unsigned.
|
|
|
|
|
*/
|
|
|
|
|
format_fractional_part_nsecs(ptr, remaining, (guint32)fd->abs_ts.nsecs, decimal_point, tsprecision);
|
2013-11-06 20:39:09 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
col_set_abs_ydoy_time(const frame_data *fd, column_info *cinfo, const int col)
|
|
|
|
|
{
|
2017-03-19 14:35:04 +00:00
|
|
|
set_abs_ydoy_time(fd, cinfo->columns[col].col_buf, col_decimal_point, TRUE);
|
2013-11-06 20:39:09 +00:00
|
|
|
cinfo->col_expr.col_expr[col] = "frame.time";
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(cinfo->col_expr.col_expr_val[col],cinfo->columns[col].col_buf,COL_MAX_LEN);
|
2013-11-06 20:39:09 +00:00
|
|
|
|
2015-06-27 03:00:33 +00:00
|
|
|
cinfo->columns[col].col_data = cinfo->columns[col].col_buf;
|
2013-11-06 20:39:09 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
col_set_utc_ydoy_time(const frame_data *fd, column_info *cinfo, const int col)
|
|
|
|
|
{
|
2017-03-19 14:35:04 +00:00
|
|
|
set_abs_ydoy_time(fd, cinfo->columns[col].col_buf, col_decimal_point, FALSE);
|
2011-09-16 14:25:50 +00:00
|
|
|
cinfo->col_expr.col_expr[col] = "frame.time";
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(cinfo->col_expr.col_expr_val[col],cinfo->columns[col].col_buf,COL_MAX_LEN);
|
2011-09-16 14:25:50 +00:00
|
|
|
|
2015-06-27 03:00:33 +00:00
|
|
|
cinfo->columns[col].col_data = cinfo->columns[col].col_buf;
|
2009-08-19 07:55:11 +00:00
|
|
|
}
|
|
|
|
|
|
2011-09-19 05:15:58 +00:00
|
|
|
static void
|
2014-09-28 18:37:06 +00:00
|
|
|
set_time_seconds(const frame_data *fd, const nstime_t *ts, gchar *buf)
|
2001-04-01 07:32:35 +00:00
|
|
|
{
|
2022-01-07 14:37:45 +00:00
|
|
|
ws_assert(fd->has_ts);
|
|
|
|
|
|
2023-09-12 19:27:50 +00:00
|
|
|
display_signed_time(buf, COL_MAX_LEN, ts, get_frame_timestamp_precision(fd));
|
2001-04-01 07:32:35 +00:00
|
|
|
}
|
|
|
|
|
|
2011-09-19 05:15:58 +00:00
|
|
|
static void
|
2017-03-19 14:35:04 +00:00
|
|
|
set_time_hour_min_sec(const frame_data *fd, const nstime_t *ts, gchar *buf, char *decimal_point)
|
2001-04-01 07:32:35 +00:00
|
|
|
{
|
2010-09-08 10:29:06 +00:00
|
|
|
time_t secs = ts->secs;
|
2023-09-12 19:27:50 +00:00
|
|
|
guint32 nsecs;
|
2010-09-08 10:29:06 +00:00
|
|
|
gboolean negative = FALSE;
|
2023-09-12 19:27:50 +00:00
|
|
|
char *ptr;
|
|
|
|
|
size_t remaining;
|
|
|
|
|
int num_bytes;
|
2014-09-28 18:37:06 +00:00
|
|
|
int tsprecision;
|
2010-09-08 10:29:06 +00:00
|
|
|
|
2022-01-07 14:37:45 +00:00
|
|
|
ws_assert(fd->has_ts);
|
|
|
|
|
|
2010-09-08 10:29:06 +00:00
|
|
|
if (secs < 0) {
|
|
|
|
|
secs = -secs;
|
|
|
|
|
negative = TRUE;
|
|
|
|
|
}
|
2023-09-12 19:27:50 +00:00
|
|
|
if (ts->nsecs >= 0) {
|
|
|
|
|
nsecs = ts->nsecs;
|
2023-09-14 12:44:04 +00:00
|
|
|
} else if (G_LIKELY(ts->nsecs != INT_MIN)) {
|
2023-09-12 19:27:50 +00:00
|
|
|
/*
|
|
|
|
|
* This isn't the smallest negative number that fits in 32
|
|
|
|
|
* bits, so we can compute its negative and store it in a
|
|
|
|
|
* 32-bit unsigned int variable.
|
|
|
|
|
*/
|
|
|
|
|
nsecs = -ts->nsecs;
|
|
|
|
|
negative = TRUE;
|
|
|
|
|
} else {
|
|
|
|
|
/*
|
|
|
|
|
* -2147483648 is the smallest number that fits in a signed
|
|
|
|
|
* 2's complement 32-bit variable, and its negative doesn't
|
|
|
|
|
* fit in 32 bits.
|
|
|
|
|
*
|
|
|
|
|
* Just cast it to a 32-bit unsigned int value to set the
|
|
|
|
|
* 32-bit unsigned int variable to 2147483648.
|
|
|
|
|
*
|
|
|
|
|
* Note that, on platforms where both integers and long
|
|
|
|
|
* integers are 32-bit, such as 32-bit UN*Xes and both
|
|
|
|
|
* 32-bit *and* 64-bit Windows, making the variable in
|
|
|
|
|
* question a long will not avoid undefined behavior.
|
|
|
|
|
*/
|
|
|
|
|
nsecs = (guint32)ts->nsecs;
|
2011-09-02 11:46:33 +00:00
|
|
|
negative = TRUE;
|
|
|
|
|
}
|
2023-09-12 19:27:50 +00:00
|
|
|
ptr = buf;
|
|
|
|
|
remaining = COL_MAX_LEN;
|
|
|
|
|
if (secs >= (60*60)) {
|
|
|
|
|
num_bytes = snprintf(ptr, remaining, "%s%dh %2dm %2d",
|
|
|
|
|
negative ? "- " : "",
|
|
|
|
|
(gint32) secs / (60 * 60),
|
|
|
|
|
(gint32) (secs / 60) % 60,
|
|
|
|
|
(gint32) secs % 60);
|
|
|
|
|
} else if (secs >= 60) {
|
|
|
|
|
num_bytes = snprintf(ptr, remaining, "%s%dm %2d",
|
|
|
|
|
negative ? "- " : "",
|
|
|
|
|
(gint32) secs / 60,
|
|
|
|
|
(gint32) secs % 60);
|
|
|
|
|
} else {
|
|
|
|
|
num_bytes = snprintf(ptr, remaining, "%s%d",
|
|
|
|
|
negative ? "- " : "",
|
|
|
|
|
(gint32) secs);
|
2014-09-28 18:37:06 +00:00
|
|
|
}
|
2023-09-12 19:27:50 +00:00
|
|
|
if (num_bytes < 0) {
|
|
|
|
|
/*
|
|
|
|
|
* That got an error.
|
|
|
|
|
* Not much else we can do.
|
|
|
|
|
*/
|
|
|
|
|
snprintf(ptr, remaining, "snprintf() failed");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
if ((unsigned int)num_bytes >= remaining) {
|
|
|
|
|
/*
|
|
|
|
|
* That filled up or would have overflowed the buffer.
|
|
|
|
|
* Nothing more we can do.
|
|
|
|
|
*/
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
ptr += num_bytes;
|
|
|
|
|
remaining -= num_bytes;
|
|
|
|
|
|
|
|
|
|
tsprecision = get_frame_timestamp_precision(fd);
|
|
|
|
|
if (tsprecision != 0) {
|
|
|
|
|
/*
|
|
|
|
|
* Append the fractional part.
|
|
|
|
|
*/
|
|
|
|
|
num_bytes = format_fractional_part_nsecs(ptr, remaining, nsecs, decimal_point, tsprecision);
|
|
|
|
|
if ((unsigned int)num_bytes >= remaining) {
|
|
|
|
|
/*
|
|
|
|
|
* That filled up or would have overflowed the buffer.
|
|
|
|
|
* Nothing more we can do.
|
|
|
|
|
*/
|
|
|
|
|
return;
|
2010-05-06 10:32:59 +00:00
|
|
|
}
|
2023-09-12 19:27:50 +00:00
|
|
|
ptr += num_bytes;
|
|
|
|
|
remaining -= num_bytes;
|
2005-08-25 21:29:54 +00:00
|
|
|
}
|
2023-09-12 19:27:50 +00:00
|
|
|
|
|
|
|
|
/* Append the "s" for seconds. */
|
|
|
|
|
snprintf(ptr, remaining, "s");
|
2001-04-01 07:32:35 +00:00
|
|
|
}
|
|
|
|
|
|
2007-03-23 18:08:17 +00:00
|
|
|
static void
|
2010-05-06 10:32:59 +00:00
|
|
|
col_set_rel_time(const frame_data *fd, column_info *cinfo, const int col)
|
2007-03-23 18:08:17 +00:00
|
|
|
{
|
2013-07-21 23:07:33 +00:00
|
|
|
nstime_t del_rel_ts;
|
|
|
|
|
|
2018-12-27 02:26:24 +00:00
|
|
|
if (!fd->has_ts) {
|
2015-06-27 03:00:33 +00:00
|
|
|
cinfo->columns[col].col_buf[0] = '\0';
|
2012-02-25 23:24:34 +00:00
|
|
|
return;
|
|
|
|
|
}
|
2013-07-21 23:07:33 +00:00
|
|
|
|
|
|
|
|
frame_delta_abs_time(cinfo->epan, fd, fd->frame_ref_num, &del_rel_ts);
|
|
|
|
|
|
2010-05-06 10:32:59 +00:00
|
|
|
switch (timestamp_get_seconds_type()) {
|
|
|
|
|
case TS_SECONDS_DEFAULT:
|
2015-06-27 03:00:33 +00:00
|
|
|
set_time_seconds(fd, &del_rel_ts, cinfo->columns[col].col_buf);
|
2011-09-19 05:15:58 +00:00
|
|
|
cinfo->col_expr.col_expr[col] = "frame.time_relative";
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(cinfo->col_expr.col_expr_val[col],cinfo->columns[col].col_buf,COL_MAX_LEN);
|
2010-05-06 10:32:59 +00:00
|
|
|
break;
|
|
|
|
|
case TS_SECONDS_HOUR_MIN_SEC:
|
2017-03-19 14:35:04 +00:00
|
|
|
set_time_hour_min_sec(fd, &del_rel_ts, cinfo->columns[col].col_buf, col_decimal_point);
|
2011-09-19 05:15:58 +00:00
|
|
|
cinfo->col_expr.col_expr[col] = "frame.time_relative";
|
2014-09-28 18:37:06 +00:00
|
|
|
set_time_seconds(fd, &del_rel_ts, cinfo->col_expr.col_expr_val[col]);
|
2010-05-06 10:32:59 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
2021-06-18 18:21:42 +00:00
|
|
|
ws_assert_not_reached();
|
2009-08-19 07:55:11 +00:00
|
|
|
}
|
2015-06-27 03:00:33 +00:00
|
|
|
cinfo->columns[col].col_data = cinfo->columns[col].col_buf;
|
2009-08-19 07:55:11 +00:00
|
|
|
}
|
|
|
|
|
|
2010-05-06 10:32:59 +00:00
|
|
|
static void
|
|
|
|
|
col_set_delta_time(const frame_data *fd, column_info *cinfo, const int col)
|
2009-08-19 07:55:11 +00:00
|
|
|
{
|
2012-09-23 16:25:28 +00:00
|
|
|
nstime_t del_cap_ts;
|
|
|
|
|
|
2022-01-07 14:37:45 +00:00
|
|
|
if (!fd->has_ts) {
|
|
|
|
|
cinfo->columns[col].col_buf[0] = '\0';
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2013-07-21 20:48:30 +00:00
|
|
|
frame_delta_abs_time(cinfo->epan, fd, fd->num - 1, &del_cap_ts);
|
2012-09-23 16:25:28 +00:00
|
|
|
|
2010-05-06 10:32:59 +00:00
|
|
|
switch (timestamp_get_seconds_type()) {
|
|
|
|
|
case TS_SECONDS_DEFAULT:
|
2015-06-27 03:00:33 +00:00
|
|
|
set_time_seconds(fd, &del_cap_ts, cinfo->columns[col].col_buf);
|
2011-09-19 05:15:58 +00:00
|
|
|
cinfo->col_expr.col_expr[col] = "frame.time_delta";
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(cinfo->col_expr.col_expr_val[col],cinfo->columns[col].col_buf,COL_MAX_LEN);
|
2010-05-06 10:32:59 +00:00
|
|
|
break;
|
|
|
|
|
case TS_SECONDS_HOUR_MIN_SEC:
|
2017-03-19 14:35:04 +00:00
|
|
|
set_time_hour_min_sec(fd, &del_cap_ts, cinfo->columns[col].col_buf, col_decimal_point);
|
2011-09-19 05:15:58 +00:00
|
|
|
cinfo->col_expr.col_expr[col] = "frame.time_delta";
|
2014-09-28 18:37:06 +00:00
|
|
|
set_time_seconds(fd, &del_cap_ts, cinfo->col_expr.col_expr_val[col]);
|
2010-05-06 10:32:59 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
2021-06-18 18:21:42 +00:00
|
|
|
ws_assert_not_reached();
|
2007-03-23 18:08:17 +00:00
|
|
|
}
|
2010-05-06 10:32:59 +00:00
|
|
|
|
2015-06-27 03:00:33 +00:00
|
|
|
cinfo->columns[col].col_data = cinfo->columns[col].col_buf;
|
2009-08-19 07:55:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
2010-04-03 18:18:50 +00:00
|
|
|
col_set_delta_time_dis(const frame_data *fd, column_info *cinfo, const int col)
|
2009-08-19 07:55:11 +00:00
|
|
|
{
|
2012-09-23 16:25:28 +00:00
|
|
|
nstime_t del_dis_ts;
|
|
|
|
|
|
2018-12-27 02:26:24 +00:00
|
|
|
if (!fd->has_ts) {
|
2015-06-27 03:00:33 +00:00
|
|
|
cinfo->columns[col].col_buf[0] = '\0';
|
2012-02-25 23:24:34 +00:00
|
|
|
return;
|
|
|
|
|
}
|
2012-09-23 16:25:28 +00:00
|
|
|
|
2013-07-21 20:48:30 +00:00
|
|
|
frame_delta_abs_time(cinfo->epan, fd, fd->prev_dis_num, &del_dis_ts);
|
2012-09-23 16:25:28 +00:00
|
|
|
|
2010-05-06 10:32:59 +00:00
|
|
|
switch (timestamp_get_seconds_type()) {
|
|
|
|
|
case TS_SECONDS_DEFAULT:
|
2015-06-27 03:00:33 +00:00
|
|
|
set_time_seconds(fd, &del_dis_ts, cinfo->columns[col].col_buf);
|
2011-09-19 05:15:58 +00:00
|
|
|
cinfo->col_expr.col_expr[col] = "frame.time_delta_displayed";
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(cinfo->col_expr.col_expr_val[col],cinfo->columns[col].col_buf,COL_MAX_LEN);
|
2010-05-06 10:32:59 +00:00
|
|
|
break;
|
|
|
|
|
case TS_SECONDS_HOUR_MIN_SEC:
|
2017-03-19 14:35:04 +00:00
|
|
|
set_time_hour_min_sec(fd, &del_dis_ts, cinfo->columns[col].col_buf, col_decimal_point);
|
2011-09-19 05:15:58 +00:00
|
|
|
cinfo->col_expr.col_expr[col] = "frame.time_delta_displayed";
|
2014-09-28 18:37:06 +00:00
|
|
|
set_time_seconds(fd, &del_dis_ts, cinfo->col_expr.col_expr_val[col]);
|
2010-05-06 10:32:59 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
2021-06-18 18:21:42 +00:00
|
|
|
ws_assert_not_reached();
|
2009-08-19 07:55:11 +00:00
|
|
|
}
|
2010-05-06 10:32:59 +00:00
|
|
|
|
2015-06-27 03:00:33 +00:00
|
|
|
cinfo->columns[col].col_data = cinfo->columns[col].col_buf;
|
2007-03-23 18:08:17 +00:00
|
|
|
}
|
|
|
|
|
|
2023-09-12 19:27:50 +00:00
|
|
|
/*
|
|
|
|
|
* Time, without date.
|
|
|
|
|
*/
|
2011-09-16 14:25:50 +00:00
|
|
|
static void
|
2017-03-19 14:35:04 +00:00
|
|
|
set_abs_time(const frame_data *fd, gchar *buf, char *decimal_point, gboolean local)
|
2001-04-01 07:32:35 +00:00
|
|
|
{
|
2023-09-12 19:27:50 +00:00
|
|
|
struct tm tm, *tmp;
|
|
|
|
|
gchar *ptr;
|
|
|
|
|
size_t remaining;
|
|
|
|
|
int num_bytes;
|
2014-09-28 18:37:06 +00:00
|
|
|
int tsprecision;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2023-09-12 19:27:50 +00:00
|
|
|
if (!fd->has_ts) {
|
2009-08-19 07:55:11 +00:00
|
|
|
*buf = '\0';
|
2023-09-12 19:27:50 +00:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ptr = buf;
|
|
|
|
|
remaining = COL_MAX_LEN;
|
|
|
|
|
|
|
|
|
|
if (local)
|
|
|
|
|
tmp = ws_localtime_r(&fd->abs_ts.secs, &tm);
|
|
|
|
|
else
|
|
|
|
|
tmp = ws_gmtime_r(&fd->abs_ts.secs, &tm);
|
|
|
|
|
if (tmp == NULL) {
|
|
|
|
|
snprintf(ptr, remaining, "Not representable");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Integral part. */
|
|
|
|
|
num_bytes = snprintf(ptr, remaining, "%02d:%02d:%02d",
|
|
|
|
|
tmp->tm_hour,
|
|
|
|
|
tmp->tm_min,
|
|
|
|
|
tmp->tm_sec);
|
|
|
|
|
if (num_bytes < 0) {
|
|
|
|
|
/*
|
|
|
|
|
* That got an error.
|
|
|
|
|
* Not much else we can do.
|
|
|
|
|
*/
|
|
|
|
|
snprintf(ptr, remaining, "snprintf() failed");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
if ((unsigned int)num_bytes >= remaining) {
|
|
|
|
|
/*
|
|
|
|
|
* That filled up or would have overflowed the buffer.
|
|
|
|
|
* Nothing more we can do.
|
|
|
|
|
*/
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
ptr += num_bytes;
|
|
|
|
|
remaining -= num_bytes;
|
|
|
|
|
|
|
|
|
|
tsprecision = get_frame_timestamp_precision(fd);
|
|
|
|
|
if (tsprecision != 0) {
|
|
|
|
|
/*
|
|
|
|
|
* Append the fractional part.
|
|
|
|
|
* Get the nsecs as a 32-bit unsigned value, as it should never
|
|
|
|
|
* be negative, so we treat it as unsigned.
|
|
|
|
|
*/
|
|
|
|
|
format_fractional_part_nsecs(ptr, remaining, (guint32)fd->abs_ts.nsecs, decimal_point, tsprecision);
|
2001-07-15 19:14:03 +00:00
|
|
|
}
|
2001-04-01 07:32:35 +00:00
|
|
|
}
|
|
|
|
|
|
2006-12-05 03:19:51 +00:00
|
|
|
static void
|
2010-04-03 18:18:50 +00:00
|
|
|
col_set_abs_time(const frame_data *fd, column_info *cinfo, const int col)
|
2006-12-05 03:19:51 +00:00
|
|
|
{
|
2017-03-19 14:35:04 +00:00
|
|
|
set_abs_time(fd, cinfo->columns[col].col_buf, col_decimal_point, TRUE);
|
2011-09-16 14:25:50 +00:00
|
|
|
cinfo->col_expr.col_expr[col] = "frame.time";
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(cinfo->col_expr.col_expr_val[col],cinfo->columns[col].col_buf,COL_MAX_LEN);
|
2011-09-16 14:25:50 +00:00
|
|
|
|
2015-06-27 03:00:33 +00:00
|
|
|
cinfo->columns[col].col_data = cinfo->columns[col].col_buf;
|
2011-07-04 21:43:34 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
col_set_utc_time(const frame_data *fd, column_info *cinfo, const int col)
|
|
|
|
|
{
|
2017-03-19 14:35:04 +00:00
|
|
|
set_abs_time(fd, cinfo->columns[col].col_buf, col_decimal_point, FALSE);
|
2011-09-16 14:25:50 +00:00
|
|
|
cinfo->col_expr.col_expr[col] = "frame.time";
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(cinfo->col_expr.col_expr_val[col],cinfo->columns[col].col_buf,COL_MAX_LEN);
|
2011-09-16 14:25:50 +00:00
|
|
|
|
2015-06-27 03:00:33 +00:00
|
|
|
cinfo->columns[col].col_data = cinfo->columns[col].col_buf;
|
2009-08-19 07:55:11 +00:00
|
|
|
}
|
2006-12-05 03:19:51 +00:00
|
|
|
|
2012-02-25 23:24:34 +00:00
|
|
|
static gboolean
|
2010-04-03 18:18:50 +00:00
|
|
|
set_epoch_time(const frame_data *fd, gchar *buf)
|
2009-08-19 07:55:11 +00:00
|
|
|
{
|
2018-12-27 02:26:24 +00:00
|
|
|
if (!fd->has_ts) {
|
2012-02-25 23:24:34 +00:00
|
|
|
buf[0] = '\0';
|
|
|
|
|
return FALSE;
|
|
|
|
|
}
|
2023-09-12 19:27:50 +00:00
|
|
|
display_epoch_time(buf, COL_MAX_LEN, &fd->abs_ts, get_frame_timestamp_precision(fd));
|
2012-02-25 23:24:34 +00:00
|
|
|
return TRUE;
|
2009-08-19 07:55:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
2010-04-03 18:18:50 +00:00
|
|
|
col_set_epoch_time(const frame_data *fd, column_info *cinfo, const int col)
|
2009-08-19 07:55:11 +00:00
|
|
|
{
|
2015-06-27 03:00:33 +00:00
|
|
|
if (set_epoch_time(fd, cinfo->columns[col].col_buf)) {
|
2009-08-19 07:55:11 +00:00
|
|
|
cinfo->col_expr.col_expr[col] = "frame.time_delta";
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(cinfo->col_expr.col_expr_val[col],cinfo->columns[col].col_buf,COL_MAX_LEN);
|
2009-08-19 07:55:11 +00:00
|
|
|
}
|
2015-06-27 03:00:33 +00:00
|
|
|
cinfo->columns[col].col_data = cinfo->columns[col].col_buf;
|
2006-12-05 03:19:51 +00:00
|
|
|
}
|
2008-06-14 16:51:11 +00:00
|
|
|
|
2009-08-19 07:55:11 +00:00
|
|
|
void
|
2013-07-21 20:48:30 +00:00
|
|
|
set_fd_time(const epan_t *epan, frame_data *fd, gchar *buf)
|
2009-08-19 07:55:11 +00:00
|
|
|
{
|
2009-09-08 15:55:10 +00:00
|
|
|
|
2009-08-19 07:55:11 +00:00
|
|
|
switch (timestamp_get_type()) {
|
2013-06-25 19:38:15 +00:00
|
|
|
case TS_ABSOLUTE:
|
2017-03-19 14:35:04 +00:00
|
|
|
set_abs_time(fd, buf, col_decimal_point, TRUE);
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
2009-08-19 07:55:11 +00:00
|
|
|
|
2013-11-06 20:39:09 +00:00
|
|
|
case TS_ABSOLUTE_WITH_YMD:
|
2017-03-19 14:35:04 +00:00
|
|
|
set_abs_ymd_time(fd, buf, col_decimal_point, TRUE);
|
2013-11-06 20:39:09 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case TS_ABSOLUTE_WITH_YDOY:
|
2017-03-19 14:35:04 +00:00
|
|
|
set_abs_ydoy_time(fd, buf, col_decimal_point, TRUE);
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
2009-08-19 07:55:11 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case TS_RELATIVE:
|
2018-12-27 02:26:24 +00:00
|
|
|
if (fd->has_ts) {
|
2013-07-21 23:07:33 +00:00
|
|
|
nstime_t del_rel_ts;
|
|
|
|
|
|
|
|
|
|
frame_delta_abs_time(epan, fd, fd->frame_ref_num, &del_rel_ts);
|
|
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
switch (timestamp_get_seconds_type()) {
|
|
|
|
|
case TS_SECONDS_DEFAULT:
|
2014-09-28 18:37:06 +00:00
|
|
|
set_time_seconds(fd, &del_rel_ts, buf);
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
|
|
|
|
case TS_SECONDS_HOUR_MIN_SEC:
|
2014-09-28 18:37:06 +00:00
|
|
|
set_time_seconds(fd, &del_rel_ts, buf);
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
2021-06-18 18:21:42 +00:00
|
|
|
ws_assert_not_reached();
|
2012-02-25 23:24:34 +00:00
|
|
|
}
|
2013-06-25 19:38:15 +00:00
|
|
|
} else {
|
|
|
|
|
buf[0] = '\0';
|
|
|
|
|
}
|
|
|
|
|
break;
|
2009-08-19 07:55:11 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case TS_DELTA:
|
2018-12-27 02:26:24 +00:00
|
|
|
if (fd->has_ts) {
|
2013-06-25 19:38:15 +00:00
|
|
|
nstime_t del_cap_ts;
|
|
|
|
|
|
2013-07-21 20:48:30 +00:00
|
|
|
frame_delta_abs_time(epan, fd, fd->num - 1, &del_cap_ts);
|
2013-06-25 19:38:15 +00:00
|
|
|
|
|
|
|
|
switch (timestamp_get_seconds_type()) {
|
|
|
|
|
case TS_SECONDS_DEFAULT:
|
2014-09-28 18:37:06 +00:00
|
|
|
set_time_seconds(fd, &del_cap_ts, buf);
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
|
|
|
|
case TS_SECONDS_HOUR_MIN_SEC:
|
2017-03-19 14:35:04 +00:00
|
|
|
set_time_hour_min_sec(fd, &del_cap_ts, buf, col_decimal_point);
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
2021-06-18 18:21:42 +00:00
|
|
|
ws_assert_not_reached();
|
2012-02-25 23:24:34 +00:00
|
|
|
}
|
2013-06-25 19:38:15 +00:00
|
|
|
} else {
|
|
|
|
|
buf[0] = '\0';
|
|
|
|
|
}
|
|
|
|
|
break;
|
2009-08-19 07:55:11 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case TS_DELTA_DIS:
|
2018-12-27 02:26:24 +00:00
|
|
|
if (fd->has_ts) {
|
2013-06-25 19:38:15 +00:00
|
|
|
nstime_t del_dis_ts;
|
|
|
|
|
|
2013-07-21 20:48:30 +00:00
|
|
|
frame_delta_abs_time(epan, fd, fd->prev_dis_num, &del_dis_ts);
|
2013-06-25 19:38:15 +00:00
|
|
|
|
|
|
|
|
switch (timestamp_get_seconds_type()) {
|
|
|
|
|
case TS_SECONDS_DEFAULT:
|
2014-09-28 18:37:06 +00:00
|
|
|
set_time_seconds(fd, &del_dis_ts, buf);
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
|
|
|
|
case TS_SECONDS_HOUR_MIN_SEC:
|
2017-03-19 14:35:04 +00:00
|
|
|
set_time_hour_min_sec(fd, &del_dis_ts, buf, col_decimal_point);
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
2021-06-18 18:21:42 +00:00
|
|
|
ws_assert_not_reached();
|
2012-02-25 23:24:34 +00:00
|
|
|
}
|
2013-06-25 19:38:15 +00:00
|
|
|
} else {
|
|
|
|
|
buf[0] = '\0';
|
|
|
|
|
}
|
|
|
|
|
break;
|
2009-08-19 07:55:11 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case TS_EPOCH:
|
|
|
|
|
set_epoch_time(fd, buf);
|
|
|
|
|
break;
|
2009-08-19 07:55:11 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case TS_UTC:
|
2017-03-19 14:35:04 +00:00
|
|
|
set_abs_time(fd, buf, col_decimal_point, FALSE);
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
2011-09-19 05:15:58 +00:00
|
|
|
|
2013-11-06 20:39:09 +00:00
|
|
|
case TS_UTC_WITH_YMD:
|
2017-03-19 14:35:04 +00:00
|
|
|
set_abs_ymd_time(fd, buf, col_decimal_point, FALSE);
|
2013-11-06 20:39:09 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case TS_UTC_WITH_YDOY:
|
2017-03-19 14:35:04 +00:00
|
|
|
set_abs_ydoy_time(fd, buf, col_decimal_point, FALSE);
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
2011-09-19 05:15:58 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case TS_NOT_SET:
|
|
|
|
|
/* code is missing for this case, but I don't know which [jmayer20051219] */
|
2021-06-18 18:21:42 +00:00
|
|
|
ws_assert_not_reached();
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
2009-08-19 07:55:11 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2008-06-14 16:51:11 +00:00
|
|
|
static void
|
2010-04-03 18:18:50 +00:00
|
|
|
col_set_cls_time(const frame_data *fd, column_info *cinfo, const gint col)
|
2001-04-01 07:32:35 +00:00
|
|
|
{
|
2005-08-25 21:29:54 +00:00
|
|
|
switch (timestamp_get_type()) {
|
2013-06-25 19:38:15 +00:00
|
|
|
case TS_ABSOLUTE:
|
|
|
|
|
col_set_abs_time(fd, cinfo, col);
|
|
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2013-11-06 20:39:09 +00:00
|
|
|
case TS_ABSOLUTE_WITH_YMD:
|
|
|
|
|
col_set_abs_ymd_time(fd, cinfo, col);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case TS_ABSOLUTE_WITH_YDOY:
|
|
|
|
|
col_set_abs_ydoy_time(fd, cinfo, col);
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case TS_RELATIVE:
|
|
|
|
|
col_set_rel_time(fd, cinfo, col);
|
|
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case TS_DELTA:
|
|
|
|
|
col_set_delta_time(fd, cinfo, col);
|
|
|
|
|
break;
|
2007-03-23 18:08:17 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case TS_DELTA_DIS:
|
|
|
|
|
col_set_delta_time_dis(fd, cinfo, col);
|
|
|
|
|
break;
|
2007-03-23 18:08:17 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case TS_EPOCH:
|
|
|
|
|
col_set_epoch_time(fd, cinfo, col);
|
|
|
|
|
break;
|
2007-03-23 18:08:17 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case TS_UTC:
|
|
|
|
|
col_set_utc_time(fd, cinfo, col);
|
|
|
|
|
break;
|
2011-07-04 21:43:34 +00:00
|
|
|
|
2013-11-06 20:39:09 +00:00
|
|
|
case TS_UTC_WITH_YMD:
|
|
|
|
|
col_set_utc_ymd_time(fd, cinfo, col);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case TS_UTC_WITH_YDOY:
|
|
|
|
|
col_set_utc_ydoy_time(fd, cinfo, col);
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
2011-07-04 21:43:34 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case TS_NOT_SET:
|
|
|
|
|
/* code is missing for this case, but I don't know which [jmayer20051219] */
|
2021-06-18 18:21:42 +00:00
|
|
|
ws_assert_not_reached();
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
2008-06-14 16:51:11 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2012-01-28 02:21:03 +00:00
|
|
|
/* Set the format of the variable time format. */
|
|
|
|
|
static void
|
2010-04-03 18:18:50 +00:00
|
|
|
col_set_fmt_time(const frame_data *fd, column_info *cinfo, const gint fmt, const gint col)
|
2008-06-14 16:51:11 +00:00
|
|
|
{
|
2015-06-27 03:00:33 +00:00
|
|
|
COL_CHECK_REF_TIME(fd, cinfo->columns[col].col_buf);
|
2009-09-08 15:55:10 +00:00
|
|
|
|
2008-06-14 16:51:11 +00:00
|
|
|
switch (fmt) {
|
2013-06-25 19:38:15 +00:00
|
|
|
case COL_CLS_TIME:
|
|
|
|
|
col_set_cls_time(fd, cinfo, col);
|
|
|
|
|
break;
|
2008-06-14 16:51:11 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case COL_ABS_TIME:
|
|
|
|
|
col_set_abs_time(fd, cinfo, col);
|
|
|
|
|
break;
|
2008-06-14 16:51:11 +00:00
|
|
|
|
2013-11-06 20:39:09 +00:00
|
|
|
case COL_ABS_YMD_TIME:
|
|
|
|
|
col_set_abs_ymd_time(fd, cinfo, col);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case COL_ABS_YDOY_TIME:
|
|
|
|
|
col_set_abs_ydoy_time(fd, cinfo, col);
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
2008-06-14 16:51:11 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case COL_REL_TIME:
|
|
|
|
|
col_set_rel_time(fd, cinfo, col);
|
|
|
|
|
break;
|
2008-06-14 16:51:11 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case COL_DELTA_TIME:
|
|
|
|
|
col_set_delta_time(fd, cinfo, col);
|
|
|
|
|
break;
|
2008-06-14 16:51:11 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case COL_DELTA_TIME_DIS:
|
|
|
|
|
col_set_delta_time_dis(fd, cinfo, col);
|
|
|
|
|
break;
|
2008-06-14 16:51:11 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case COL_UTC_TIME:
|
|
|
|
|
col_set_utc_time(fd, cinfo, col);
|
|
|
|
|
break;
|
2011-07-04 21:43:34 +00:00
|
|
|
|
2013-11-06 20:39:09 +00:00
|
|
|
case COL_UTC_YMD_TIME:
|
|
|
|
|
col_set_utc_ymd_time(fd, cinfo, col);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case COL_UTC_YDOY_TIME:
|
|
|
|
|
col_set_utc_ydoy_time(fd, cinfo, col);
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
2011-07-04 21:43:34 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
default:
|
2021-06-18 18:21:42 +00:00
|
|
|
ws_assert_not_reached();
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2009-08-19 07:55:11 +00:00
|
|
|
/* --------------------------- */
|
2010-08-30 05:39:02 +00:00
|
|
|
/* Set the given (relative) time to a column element.
|
|
|
|
|
*
|
2016-01-26 04:01:46 +00:00
|
|
|
* Used by dissectors to set the time in a column
|
2010-08-30 05:39:02 +00:00
|
|
|
*
|
2013-06-25 19:38:15 +00:00
|
|
|
* @param cinfo the current packet row
|
|
|
|
|
* @param el the column to use, e.g. COL_INFO
|
|
|
|
|
* @param ts the time to set in the column
|
|
|
|
|
* @param fieldname the fieldname to use for creating a filter (when
|
|
|
|
|
* applying/preparing/copying as filter)
|
2010-08-30 05:39:02 +00:00
|
|
|
*/
|
2007-10-03 14:02:08 +00:00
|
|
|
void
|
2012-12-26 05:57:06 +00:00
|
|
|
col_set_time(column_info *cinfo, const gint el, const nstime_t *ts, const char *fieldname)
|
2007-10-03 14:02:08 +00:00
|
|
|
{
|
2009-09-08 15:55:10 +00:00
|
|
|
int col;
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item;
|
2007-10-03 14:02:08 +00:00
|
|
|
|
2009-09-06 09:03:15 +00:00
|
|
|
if (!CHECK_COL(cinfo, el))
|
2009-03-20 12:41:03 +00:00
|
|
|
return;
|
2007-10-03 14:02:08 +00:00
|
|
|
|
2018-12-27 02:26:24 +00:00
|
|
|
/** @todo TODO: We don't respect fd->ref_time (no way to access 'fd')
|
2009-09-08 15:55:10 +00:00
|
|
|
COL_CHECK_REF_TIME(fd, buf);
|
|
|
|
|
*/
|
|
|
|
|
|
2007-10-03 14:02:08 +00:00
|
|
|
for (col = cinfo->col_first[el]; col <= cinfo->col_last[el]; col++) {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item = &cinfo->columns[col];
|
|
|
|
|
if (col_item->fmt_matx[el]) {
|
2023-09-12 19:27:50 +00:00
|
|
|
display_signed_time(col_item->col_buf, COL_MAX_LEN, ts, get_default_timestamp_precision());
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item->col_data = col_item->col_buf;
|
2009-08-19 07:55:11 +00:00
|
|
|
cinfo->col_expr.col_expr[col] = fieldname;
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(cinfo->col_expr.col_expr_val[col],col_item->col_buf,COL_MAX_LEN);
|
2007-10-03 14:02:08 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2001-04-01 07:32:35 +00:00
|
|
|
static void
|
2013-06-04 21:36:47 +00:00
|
|
|
col_set_addr(packet_info *pinfo, const int col, const address *addr, const gboolean is_src,
|
|
|
|
|
const gboolean fill_col_exprs, const gboolean res)
|
2001-04-01 07:32:35 +00:00
|
|
|
{
|
2014-04-19 11:04:12 +00:00
|
|
|
const char *name;
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item = &pinfo->cinfo->columns[col];
|
2014-04-19 11:04:12 +00:00
|
|
|
|
2009-09-11 14:21:04 +00:00
|
|
|
if (addr->type == AT_NONE) {
|
2009-09-07 16:05:37 +00:00
|
|
|
/* No address, nothing to do */
|
|
|
|
|
return;
|
2009-09-11 14:21:04 +00:00
|
|
|
}
|
2007-08-17 19:34:14 +00:00
|
|
|
|
2015-07-02 23:17:20 +00:00
|
|
|
if (res && (name = address_to_name(addr)) != NULL)
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item->col_data = name;
|
2014-04-19 11:04:12 +00:00
|
|
|
else {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item->col_data = col_item->col_buf;
|
|
|
|
|
address_to_str_buf(addr, col_item->col_buf, COL_MAX_LEN);
|
2014-04-19 11:04:12 +00:00
|
|
|
}
|
2003-08-26 01:30:48 +00:00
|
|
|
|
2009-09-08 19:00:54 +00:00
|
|
|
if (!fill_col_exprs)
|
|
|
|
|
return;
|
|
|
|
|
|
2015-02-08 18:49:57 +00:00
|
|
|
pinfo->cinfo->col_expr.col_expr[col] = address_type_column_filter_string(addr, is_src);
|
|
|
|
|
/* For address types that have a filter, create a string */
|
|
|
|
|
if (strlen(pinfo->cinfo->col_expr.col_expr[col]) > 0)
|
2010-02-23 19:28:38 +00:00
|
|
|
address_to_str_buf(addr, pinfo->cinfo->col_expr.col_expr_val[col], COL_MAX_LEN);
|
2001-04-01 07:32:35 +00:00
|
|
|
}
|
|
|
|
|
|
2009-08-19 07:55:11 +00:00
|
|
|
/* ------------------------ */
|
2001-04-01 07:32:35 +00:00
|
|
|
static void
|
2010-04-03 18:18:50 +00:00
|
|
|
col_set_port(packet_info *pinfo, const int col, const gboolean is_res, const gboolean is_src, const gboolean fill_col_exprs _U_)
|
2001-04-01 07:32:35 +00:00
|
|
|
{
|
2002-12-10 01:17:21 +00:00
|
|
|
guint32 port;
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item = &pinfo->cinfo->columns[col];
|
2002-12-10 01:17:21 +00:00
|
|
|
|
|
|
|
|
if (is_src)
|
|
|
|
|
port = pinfo->srcport;
|
|
|
|
|
else
|
|
|
|
|
port = pinfo->destport;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2009-09-08 19:00:54 +00:00
|
|
|
/* TODO: Use fill_col_exprs */
|
|
|
|
|
|
2009-08-22 19:29:44 +00:00
|
|
|
switch (pinfo->ptype) {
|
2001-04-01 07:32:35 +00:00
|
|
|
case PT_SCTP:
|
|
|
|
|
if (is_res)
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(col_item->col_buf, sctp_port_to_display(pinfo->pool, port), COL_MAX_LEN);
|
2001-04-01 07:32:35 +00:00
|
|
|
else
|
2015-06-27 03:00:33 +00:00
|
|
|
guint32_to_str_buf(port, col_item->col_buf, COL_MAX_LEN);
|
2001-04-01 07:32:35 +00:00
|
|
|
break;
|
2002-08-28 20:41:00 +00:00
|
|
|
|
2001-04-01 07:32:35 +00:00
|
|
|
case PT_TCP:
|
2010-02-23 19:28:38 +00:00
|
|
|
guint32_to_str_buf(port, pinfo->cinfo->col_expr.col_expr_val[col], COL_MAX_LEN);
|
2001-04-01 07:32:35 +00:00
|
|
|
if (is_res)
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(col_item->col_buf, tcp_port_to_display(pinfo->pool, port), COL_MAX_LEN);
|
2001-04-01 07:32:35 +00:00
|
|
|
else
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(col_item->col_buf, pinfo->cinfo->col_expr.col_expr_val[col], COL_MAX_LEN);
|
2002-01-11 08:21:02 +00:00
|
|
|
if (is_src)
|
2009-08-19 07:55:11 +00:00
|
|
|
pinfo->cinfo->col_expr.col_expr[col] = "tcp.srcport";
|
2002-01-11 08:21:02 +00:00
|
|
|
else
|
2009-08-19 07:55:11 +00:00
|
|
|
pinfo->cinfo->col_expr.col_expr[col] = "tcp.dstport";
|
2001-04-01 07:32:35 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case PT_UDP:
|
2010-02-23 19:28:38 +00:00
|
|
|
guint32_to_str_buf(port, pinfo->cinfo->col_expr.col_expr_val[col], COL_MAX_LEN);
|
2001-04-01 07:32:35 +00:00
|
|
|
if (is_res)
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(col_item->col_buf, udp_port_to_display(pinfo->pool, port), COL_MAX_LEN);
|
2001-04-01 07:32:35 +00:00
|
|
|
else
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(col_item->col_buf, pinfo->cinfo->col_expr.col_expr_val[col], COL_MAX_LEN);
|
2002-01-11 08:21:02 +00:00
|
|
|
if (is_src)
|
2009-08-19 07:55:11 +00:00
|
|
|
pinfo->cinfo->col_expr.col_expr[col] = "udp.srcport";
|
2002-01-11 08:21:02 +00:00
|
|
|
else
|
2009-08-19 07:55:11 +00:00
|
|
|
pinfo->cinfo->col_expr.col_expr[col] = "udp.dstport";
|
2001-04-01 07:32:35 +00:00
|
|
|
break;
|
|
|
|
|
|
2002-06-28 20:13:03 +00:00
|
|
|
case PT_DDP:
|
|
|
|
|
if (is_src)
|
2009-08-19 07:55:11 +00:00
|
|
|
pinfo->cinfo->col_expr.col_expr[col] = "ddp.src_socket";
|
2002-06-28 20:13:03 +00:00
|
|
|
else
|
2009-08-19 07:55:11 +00:00
|
|
|
pinfo->cinfo->col_expr.col_expr[col] = "ddp.dst_socket";
|
2010-02-23 19:28:38 +00:00
|
|
|
guint32_to_str_buf(port, pinfo->cinfo->col_expr.col_expr_val[col], COL_MAX_LEN);
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(col_item->col_buf, pinfo->cinfo->col_expr.col_expr_val[col], COL_MAX_LEN);
|
2002-06-28 20:13:03 +00:00
|
|
|
break;
|
|
|
|
|
|
Add a new port type, PT_IPX, for IPX socket numbers; set "pinfo->ptype",
"pinfo->srcport", and "pinfo->destport" appropriately in the IPX
dissector. Add support for PT_IPX port types in display columns.
Have an "spx.socket" dissector table, similar to the "ipx.socket"
dissector table, and have the SPX dissector use that, with the IPX
socket numbers from "pinfo->srcport" and "pinfo->destport", so that
dissectors for protocols that run atop SPX can register with particular
socket numbers. (Think of it as similar to what would have been the
case had the IP header had 16-bit source and destination port numbers,
and had TCP and UDP used those port numbers rather than having port
numbers in their headers.) Also, have the SPX dissector dissect
subprotocols regardless of whether we're building a protocol tree or not.
Use the dissector handle for the IPX message dissector for both IPX
socket numbers; there's no need to create separate handles for both
registrations.
Have NDPS register as a subdissector of the SPX dissector, using
"spx.socket", and get rid of the duplicate SPX dissection in the NDPS
dissector.
Make the NDPS dissector set the columns regardless of whether a protocol
tree is being built, and clean up the dissector (fixing some bugs).
Get rid of unneeded includes in "packet-ndps.c".
svn path=/trunk/; revision=6424
2002-10-15 04:31:00 +00:00
|
|
|
case PT_IPX:
|
|
|
|
|
/* XXX - resolve IPX socket numbers */
|
2021-02-27 07:17:11 +00:00
|
|
|
snprintf(col_item->col_buf, COL_MAX_LEN, "0x%04x", port);
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(pinfo->cinfo->col_expr.col_expr_val[col], col_item->col_buf,COL_MAX_LEN);
|
Add a new port type, PT_IPX, for IPX socket numbers; set "pinfo->ptype",
"pinfo->srcport", and "pinfo->destport" appropriately in the IPX
dissector. Add support for PT_IPX port types in display columns.
Have an "spx.socket" dissector table, similar to the "ipx.socket"
dissector table, and have the SPX dissector use that, with the IPX
socket numbers from "pinfo->srcport" and "pinfo->destport", so that
dissectors for protocols that run atop SPX can register with particular
socket numbers. (Think of it as similar to what would have been the
case had the IP header had 16-bit source and destination port numbers,
and had TCP and UDP used those port numbers rather than having port
numbers in their headers.) Also, have the SPX dissector dissect
subprotocols regardless of whether we're building a protocol tree or not.
Use the dissector handle for the IPX message dissector for both IPX
socket numbers; there's no need to create separate handles for both
registrations.
Have NDPS register as a subdissector of the SPX dissector, using
"spx.socket", and get rid of the duplicate SPX dissection in the NDPS
dissector.
Make the NDPS dissector set the columns regardless of whether a protocol
tree is being built, and clean up the dissector (fixing some bugs).
Get rid of unneeded includes in "packet-ndps.c".
svn path=/trunk/; revision=6424
2002-10-15 04:31:00 +00:00
|
|
|
if (is_src)
|
2009-08-19 07:55:11 +00:00
|
|
|
pinfo->cinfo->col_expr.col_expr[col] = "ipx.src.socket";
|
Add a new port type, PT_IPX, for IPX socket numbers; set "pinfo->ptype",
"pinfo->srcport", and "pinfo->destport" appropriately in the IPX
dissector. Add support for PT_IPX port types in display columns.
Have an "spx.socket" dissector table, similar to the "ipx.socket"
dissector table, and have the SPX dissector use that, with the IPX
socket numbers from "pinfo->srcport" and "pinfo->destport", so that
dissectors for protocols that run atop SPX can register with particular
socket numbers. (Think of it as similar to what would have been the
case had the IP header had 16-bit source and destination port numbers,
and had TCP and UDP used those port numbers rather than having port
numbers in their headers.) Also, have the SPX dissector dissect
subprotocols regardless of whether we're building a protocol tree or not.
Use the dissector handle for the IPX message dissector for both IPX
socket numbers; there's no need to create separate handles for both
registrations.
Have NDPS register as a subdissector of the SPX dissector, using
"spx.socket", and get rid of the duplicate SPX dissection in the NDPS
dissector.
Make the NDPS dissector set the columns regardless of whether a protocol
tree is being built, and clean up the dissector (fixing some bugs).
Get rid of unneeded includes in "packet-ndps.c".
svn path=/trunk/; revision=6424
2002-10-15 04:31:00 +00:00
|
|
|
else
|
2009-08-19 07:55:11 +00:00
|
|
|
pinfo->cinfo->col_expr.col_expr[col] = "ipx.dst.socket";
|
2005-03-06 20:13:58 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case PT_IDP:
|
|
|
|
|
/* XXX - resolve IDP socket numbers */
|
2021-02-27 07:17:11 +00:00
|
|
|
snprintf(col_item->col_buf, COL_MAX_LEN, "0x%04x", port);
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(pinfo->cinfo->col_expr.col_expr_val[col], col_item->col_buf,COL_MAX_LEN);
|
2005-03-06 20:13:58 +00:00
|
|
|
if (is_src)
|
2009-08-19 07:55:11 +00:00
|
|
|
pinfo->cinfo->col_expr.col_expr[col] = "idp.src.socket";
|
2005-03-06 20:13:58 +00:00
|
|
|
else
|
2009-08-19 07:55:11 +00:00
|
|
|
pinfo->cinfo->col_expr.col_expr[col] = "idp.dst.socket";
|
Add a new port type, PT_IPX, for IPX socket numbers; set "pinfo->ptype",
"pinfo->srcport", and "pinfo->destport" appropriately in the IPX
dissector. Add support for PT_IPX port types in display columns.
Have an "spx.socket" dissector table, similar to the "ipx.socket"
dissector table, and have the SPX dissector use that, with the IPX
socket numbers from "pinfo->srcport" and "pinfo->destport", so that
dissectors for protocols that run atop SPX can register with particular
socket numbers. (Think of it as similar to what would have been the
case had the IP header had 16-bit source and destination port numbers,
and had TCP and UDP used those port numbers rather than having port
numbers in their headers.) Also, have the SPX dissector dissect
subprotocols regardless of whether we're building a protocol tree or not.
Use the dissector handle for the IPX message dissector for both IPX
socket numbers; there's no need to create separate handles for both
registrations.
Have NDPS register as a subdissector of the SPX dissector, using
"spx.socket", and get rid of the duplicate SPX dissection in the NDPS
dissector.
Make the NDPS dissector set the columns regardless of whether a protocol
tree is being built, and clean up the dissector (fixing some bugs).
Get rid of unneeded includes in "packet-ndps.c".
svn path=/trunk/; revision=6424
2002-10-15 04:31:00 +00:00
|
|
|
break;
|
|
|
|
|
|
2006-10-15 06:10:59 +00:00
|
|
|
case PT_USB:
|
|
|
|
|
/* XXX - resolve USB endpoint numbers */
|
2021-02-27 07:17:11 +00:00
|
|
|
snprintf(col_item->col_buf, COL_MAX_LEN, "0x%08x", port);
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(pinfo->cinfo->col_expr.col_expr_val[col], col_item->col_buf,COL_MAX_LEN);
|
2006-10-15 06:10:59 +00:00
|
|
|
if (is_src)
|
2009-08-19 07:55:11 +00:00
|
|
|
pinfo->cinfo->col_expr.col_expr[col] = "usb.src.endpoint";
|
2006-10-15 06:10:59 +00:00
|
|
|
else
|
2009-08-19 07:55:11 +00:00
|
|
|
pinfo->cinfo->col_expr.col_expr[col] = "usb.dst.endpoint";
|
2006-10-15 06:10:59 +00:00
|
|
|
break;
|
|
|
|
|
|
2001-04-01 07:32:35 +00:00
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item->col_data = col_item->col_buf;
|
2001-04-01 07:32:35 +00:00
|
|
|
}
|
|
|
|
|
|
2009-07-27 03:34:57 +00:00
|
|
|
gboolean
|
2010-04-03 18:18:50 +00:00
|
|
|
col_based_on_frame_data(column_info *cinfo, const gint col)
|
2001-04-01 07:32:35 +00:00
|
|
|
{
|
2021-06-18 18:21:42 +00:00
|
|
|
ws_assert(cinfo);
|
|
|
|
|
ws_assert(col < cinfo->num_cols);
|
2013-06-25 19:38:15 +00:00
|
|
|
|
2015-06-27 03:00:33 +00:00
|
|
|
switch (cinfo->columns[col].col_fmt) {
|
2013-06-25 19:38:15 +00:00
|
|
|
case COL_NUMBER:
|
|
|
|
|
case COL_CLS_TIME:
|
|
|
|
|
case COL_ABS_TIME:
|
2013-11-06 20:39:09 +00:00
|
|
|
case COL_ABS_YMD_TIME:
|
|
|
|
|
case COL_ABS_YDOY_TIME:
|
2013-06-25 19:38:15 +00:00
|
|
|
case COL_UTC_TIME:
|
2013-11-06 20:39:09 +00:00
|
|
|
case COL_UTC_YMD_TIME:
|
|
|
|
|
case COL_UTC_YDOY_TIME:
|
2013-06-25 19:38:15 +00:00
|
|
|
case COL_REL_TIME:
|
|
|
|
|
case COL_DELTA_TIME:
|
|
|
|
|
case COL_DELTA_TIME_DIS:
|
|
|
|
|
case COL_PACKET_LENGTH:
|
|
|
|
|
case COL_CUMULATIVE_BYTES:
|
|
|
|
|
return TRUE;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
default:
|
|
|
|
|
return FALSE;
|
|
|
|
|
}
|
2009-07-27 03:34:57 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
2010-04-03 18:18:50 +00:00
|
|
|
col_fill_in_frame_data(const frame_data *fd, column_info *cinfo, const gint col, const gboolean fill_col_exprs)
|
2009-07-27 03:34:57 +00:00
|
|
|
{
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item = &cinfo->columns[col];
|
|
|
|
|
|
|
|
|
|
switch (col_item->col_fmt) {
|
2013-06-25 19:38:15 +00:00
|
|
|
case COL_NUMBER:
|
2015-06-27 03:00:33 +00:00
|
|
|
guint32_to_str_buf(fd->num, col_item->col_buf, COL_MAX_LEN);
|
|
|
|
|
col_item->col_data = col_item->col_buf;
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case COL_CLS_TIME:
|
|
|
|
|
case COL_ABS_TIME:
|
2013-11-06 20:39:09 +00:00
|
|
|
case COL_ABS_YMD_TIME:
|
|
|
|
|
case COL_ABS_YDOY_TIME:
|
2013-06-25 19:38:15 +00:00
|
|
|
case COL_UTC_TIME:
|
2013-11-06 20:39:09 +00:00
|
|
|
case COL_UTC_YMD_TIME:
|
|
|
|
|
case COL_UTC_YDOY_TIME:
|
2013-06-25 19:38:15 +00:00
|
|
|
case COL_REL_TIME:
|
|
|
|
|
case COL_DELTA_TIME:
|
|
|
|
|
case COL_DELTA_TIME_DIS:
|
|
|
|
|
/* TODO: Pass on fill_col_exprs */
|
2015-06-27 03:00:33 +00:00
|
|
|
col_set_fmt_time(fd, cinfo, col_item->col_fmt, col);
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case COL_PACKET_LENGTH:
|
2015-06-27 03:00:33 +00:00
|
|
|
guint32_to_str_buf(fd->pkt_len, col_item->col_buf, COL_MAX_LEN);
|
|
|
|
|
col_item->col_data = col_item->col_buf;
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case COL_CUMULATIVE_BYTES:
|
2015-06-27 03:00:33 +00:00
|
|
|
guint32_to_str_buf(fd->cum_bytes, col_item->col_buf, COL_MAX_LEN);
|
|
|
|
|
col_item->col_data = col_item->col_buf;
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
2009-09-08 19:00:54 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
2009-09-08 19:00:54 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
if (!fill_col_exprs)
|
|
|
|
|
return;
|
2009-09-08 19:00:54 +00:00
|
|
|
|
2015-06-27 03:00:33 +00:00
|
|
|
switch (col_item->col_fmt) {
|
2013-06-25 19:38:15 +00:00
|
|
|
case COL_NUMBER:
|
|
|
|
|
cinfo->col_expr.col_expr[col] = "frame.number";
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(cinfo->col_expr.col_expr_val[col], col_item->col_buf, COL_MAX_LEN);
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
2009-09-08 19:00:54 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case COL_CLS_TIME:
|
|
|
|
|
case COL_ABS_TIME:
|
2013-11-06 20:39:09 +00:00
|
|
|
case COL_ABS_YMD_TIME:
|
|
|
|
|
case COL_ABS_YDOY_TIME:
|
2013-06-25 19:38:15 +00:00
|
|
|
case COL_UTC_TIME:
|
2013-11-06 20:39:09 +00:00
|
|
|
case COL_UTC_YMD_TIME:
|
|
|
|
|
case COL_UTC_YDOY_TIME:
|
2013-06-25 19:38:15 +00:00
|
|
|
case COL_REL_TIME:
|
|
|
|
|
case COL_DELTA_TIME:
|
|
|
|
|
case COL_DELTA_TIME_DIS:
|
|
|
|
|
/* Already handled above */
|
|
|
|
|
break;
|
2009-09-08 19:00:54 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case COL_PACKET_LENGTH:
|
|
|
|
|
cinfo->col_expr.col_expr[col] = "frame.len";
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy(cinfo->col_expr.col_expr_val[col], col_item->col_buf, COL_MAX_LEN);
|
2013-06-25 19:38:15 +00:00
|
|
|
break;
|
2009-09-08 19:00:54 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
case COL_CUMULATIVE_BYTES:
|
|
|
|
|
break;
|
2009-09-08 19:00:54 +00:00
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
2009-07-27 03:34:57 +00:00
|
|
|
}
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2009-07-27 03:34:57 +00:00
|
|
|
void
|
2010-04-03 18:18:50 +00:00
|
|
|
col_fill_in(packet_info *pinfo, const gboolean fill_col_exprs, const gboolean fill_fd_colums)
|
2009-07-27 03:34:57 +00:00
|
|
|
{
|
|
|
|
|
int i;
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item;
|
2009-07-27 03:34:57 +00:00
|
|
|
|
2009-08-10 20:52:56 +00:00
|
|
|
if (!pinfo->cinfo)
|
|
|
|
|
return;
|
|
|
|
|
|
2009-07-27 03:34:57 +00:00
|
|
|
for (i = 0; i < pinfo->cinfo->num_cols; i++) {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item = &pinfo->cinfo->columns[i];
|
2014-01-06 23:02:32 +00:00
|
|
|
if (col_based_on_frame_data(pinfo->cinfo, i)) {
|
2009-07-27 08:33:26 +00:00
|
|
|
if (fill_fd_colums)
|
2009-09-08 19:00:54 +00:00
|
|
|
col_fill_in_frame_data(pinfo->fd, pinfo->cinfo, i, fill_col_exprs);
|
2014-01-06 23:02:32 +00:00
|
|
|
} else {
|
2015-06-27 03:00:33 +00:00
|
|
|
switch (col_item->col_fmt) {
|
2014-01-06 23:02:32 +00:00
|
|
|
case COL_DEF_SRC:
|
|
|
|
|
case COL_RES_SRC: /* COL_DEF_SRC is currently just like COL_RES_SRC */
|
|
|
|
|
col_set_addr(pinfo, i, &pinfo->src, TRUE, fill_col_exprs, TRUE);
|
|
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2014-01-06 23:02:32 +00:00
|
|
|
case COL_UNRES_SRC:
|
|
|
|
|
col_set_addr(pinfo, i, &pinfo->src, TRUE, fill_col_exprs, FALSE);
|
|
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2014-01-06 23:02:32 +00:00
|
|
|
case COL_DEF_DL_SRC:
|
|
|
|
|
case COL_RES_DL_SRC:
|
|
|
|
|
col_set_addr(pinfo, i, &pinfo->dl_src, TRUE, fill_col_exprs, TRUE);
|
|
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2014-01-06 23:02:32 +00:00
|
|
|
case COL_UNRES_DL_SRC:
|
|
|
|
|
col_set_addr(pinfo, i, &pinfo->dl_src, TRUE, fill_col_exprs, FALSE);
|
|
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2014-01-06 23:02:32 +00:00
|
|
|
case COL_DEF_NET_SRC:
|
|
|
|
|
case COL_RES_NET_SRC:
|
|
|
|
|
col_set_addr(pinfo, i, &pinfo->net_src, TRUE, fill_col_exprs, TRUE);
|
|
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2014-01-06 23:02:32 +00:00
|
|
|
case COL_UNRES_NET_SRC:
|
|
|
|
|
col_set_addr(pinfo, i, &pinfo->net_src, TRUE, fill_col_exprs, FALSE);
|
|
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2014-01-06 23:02:32 +00:00
|
|
|
case COL_DEF_DST:
|
|
|
|
|
case COL_RES_DST: /* COL_DEF_DST is currently just like COL_RES_DST */
|
|
|
|
|
col_set_addr(pinfo, i, &pinfo->dst, FALSE, fill_col_exprs, TRUE);
|
|
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2014-01-06 23:02:32 +00:00
|
|
|
case COL_UNRES_DST:
|
|
|
|
|
col_set_addr(pinfo, i, &pinfo->dst, FALSE, fill_col_exprs, FALSE);
|
|
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2014-01-06 23:02:32 +00:00
|
|
|
case COL_DEF_DL_DST:
|
|
|
|
|
case COL_RES_DL_DST:
|
|
|
|
|
col_set_addr(pinfo, i, &pinfo->dl_dst, FALSE, fill_col_exprs, TRUE);
|
|
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2014-01-06 23:02:32 +00:00
|
|
|
case COL_UNRES_DL_DST:
|
|
|
|
|
col_set_addr(pinfo, i, &pinfo->dl_dst, FALSE, fill_col_exprs, FALSE);
|
|
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2014-01-06 23:02:32 +00:00
|
|
|
case COL_DEF_NET_DST:
|
|
|
|
|
case COL_RES_NET_DST:
|
|
|
|
|
col_set_addr(pinfo, i, &pinfo->net_dst, FALSE, fill_col_exprs, TRUE);
|
|
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2014-01-06 23:02:32 +00:00
|
|
|
case COL_UNRES_NET_DST:
|
|
|
|
|
col_set_addr(pinfo, i, &pinfo->net_dst, FALSE, fill_col_exprs, FALSE);
|
|
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2014-01-06 23:02:32 +00:00
|
|
|
case COL_DEF_SRC_PORT:
|
|
|
|
|
case COL_RES_SRC_PORT: /* COL_DEF_SRC_PORT is currently just like COL_RES_SRC_PORT */
|
|
|
|
|
col_set_port(pinfo, i, TRUE, TRUE, fill_col_exprs);
|
|
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2014-01-06 23:02:32 +00:00
|
|
|
case COL_UNRES_SRC_PORT:
|
|
|
|
|
col_set_port(pinfo, i, FALSE, TRUE, fill_col_exprs);
|
|
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2014-01-06 23:02:32 +00:00
|
|
|
case COL_DEF_DST_PORT:
|
|
|
|
|
case COL_RES_DST_PORT: /* COL_DEF_DST_PORT is currently just like COL_RES_DST_PORT */
|
|
|
|
|
col_set_port(pinfo, i, TRUE, FALSE, fill_col_exprs);
|
|
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
2014-01-06 23:02:32 +00:00
|
|
|
case COL_UNRES_DST_PORT:
|
|
|
|
|
col_set_port(pinfo, i, FALSE, FALSE, fill_col_exprs);
|
|
|
|
|
break;
|
2001-04-01 07:32:35 +00:00
|
|
|
|
epan: Register dynamic column fields and make them filterable
Make the text of each registered column a FT_STRING field that can be
filtered, prefixed with _ws.col - these work in display filters, filters
in taps, coloring rules, Wireshark read filters, and in the -Y, -R, -e,
and -j options to tshark. Use them as the default "Apply as Filter" value
for the columns that aren't handled by anything else currently.
Because only the columns formats that actually correspond to columns
get filled in (invisible columns work), register and deregister the
fields when the columns change.
Use the lower case version of the rest of the COL_* define for each
column as the field name.
This adds a number of conditions to "when are the columns needed",
including when the main display filter or any filter on a tap is
using one of these fields.
Custom columns are currently not implemented. For custom columns, the
tree then has to be further primed with any fields used by the custom
columns as well. (Perhaps that should happen in epan_dissect_run() -
are there any cases where we construct the columns and don't want to
prime with any field that custom columns contains? Possibly in taps
that we know only use build in columns.)
Thus, for performance reasons, you're better off matching an ordinary
field if possible; it takes extra time to generate the columns and many
of them are numeric types. (Note that you can always convert a non-string
field to a string field if you want regex matching, consult the
*wireshark-filter(4)* man page.) It does save a bit on typing (especially
for a multifield custom column) and remembering the column title might
be easier in some cases.
The columns are set before the color filters, which means that you
can have a color filter that depends on a built-in column like Info or
Protocol.
Remove the special handling for the -e option to tshark. Note that
the behavior is a little different now, because fixed field names
are used instead of the titles (using the titles allowed illegal
filter names, because it wasn't going through the filter engine.)
For default names, this means that they're no longer capitalized,
so "_ws.col.info" instead of "_ws.col.Info" - hopefully a small
price in exchange for the filters working everywhere.
The output format for -T fields remains the same; all that special
handling is removed (except for remembering if someone asked for
a column field to know that columns should be constructed.)
They're also set before the postdissectors, so postdissectors can
have access.
Anything that depends on whether a packet and previous packets are
displayed (COL_DELTA_TIME_DIS or COL_CUMULATIVE_BYTES) doesn't work
the way most people expect, so don't register fields for those.
(The same is already true of color filters that use those, along with
color filters that use the color filter fields.)
Fix #16576. Fix #17971. Fix #4684. Fix #13491. Fix #13941.
2023-05-01 12:02:18 +00:00
|
|
|
case COL_CUSTOM:
|
|
|
|
|
/* Formatting handled by col_custom_set_edt() / col_custom_get_filter() */
|
|
|
|
|
break;
|
|
|
|
|
|
2014-01-06 23:02:32 +00:00
|
|
|
case NUM_COL_FMTS: /* keep compiler happy - shouldn't get here */
|
2021-06-18 18:21:42 +00:00
|
|
|
ws_assert_not_reached();
|
2014-01-06 23:02:32 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
2015-06-27 03:00:33 +00:00
|
|
|
if (col_item->col_fmt >= NUM_COL_FMTS) {
|
2021-06-18 18:21:42 +00:00
|
|
|
ws_assert_not_reached();
|
2014-01-06 23:02:32 +00:00
|
|
|
}
|
|
|
|
|
/*
|
epan: Register dynamic column fields and make them filterable
Make the text of each registered column a FT_STRING field that can be
filtered, prefixed with _ws.col - these work in display filters, filters
in taps, coloring rules, Wireshark read filters, and in the -Y, -R, -e,
and -j options to tshark. Use them as the default "Apply as Filter" value
for the columns that aren't handled by anything else currently.
Because only the columns formats that actually correspond to columns
get filled in (invisible columns work), register and deregister the
fields when the columns change.
Use the lower case version of the rest of the COL_* define for each
column as the field name.
This adds a number of conditions to "when are the columns needed",
including when the main display filter or any filter on a tap is
using one of these fields.
Custom columns are currently not implemented. For custom columns, the
tree then has to be further primed with any fields used by the custom
columns as well. (Perhaps that should happen in epan_dissect_run() -
are there any cases where we construct the columns and don't want to
prime with any field that custom columns contains? Possibly in taps
that we know only use build in columns.)
Thus, for performance reasons, you're better off matching an ordinary
field if possible; it takes extra time to generate the columns and many
of them are numeric types. (Note that you can always convert a non-string
field to a string field if you want regex matching, consult the
*wireshark-filter(4)* man page.) It does save a bit on typing (especially
for a multifield custom column) and remembering the column title might
be easier in some cases.
The columns are set before the color filters, which means that you
can have a color filter that depends on a built-in column like Info or
Protocol.
Remove the special handling for the -e option to tshark. Note that
the behavior is a little different now, because fixed field names
are used instead of the titles (using the titles allowed illegal
filter names, because it wasn't going through the filter engine.)
For default names, this means that they're no longer capitalized,
so "_ws.col.info" instead of "_ws.col.Info" - hopefully a small
price in exchange for the filters working everywhere.
The output format for -T fields remains the same; all that special
handling is removed (except for remembering if someone asked for
a column field to know that columns should be constructed.)
They're also set before the postdissectors, so postdissectors can
have access.
Anything that depends on whether a packet and previous packets are
displayed (COL_DELTA_TIME_DIS or COL_CUMULATIVE_BYTES) doesn't work
the way most people expect, so don't register fields for those.
(The same is already true of color filters that use those, along with
color filters that use the color filter fields.)
Fix #16576. Fix #17971. Fix #4684. Fix #13491. Fix #13941.
2023-05-01 12:02:18 +00:00
|
|
|
* Formatting handled by expert.c (COL_EXPERT), or individual
|
|
|
|
|
* dissectors. Fill in from the text using the internal hfid.
|
2014-01-06 23:02:32 +00:00
|
|
|
*/
|
epan: Register dynamic column fields and make them filterable
Make the text of each registered column a FT_STRING field that can be
filtered, prefixed with _ws.col - these work in display filters, filters
in taps, coloring rules, Wireshark read filters, and in the -Y, -R, -e,
and -j options to tshark. Use them as the default "Apply as Filter" value
for the columns that aren't handled by anything else currently.
Because only the columns formats that actually correspond to columns
get filled in (invisible columns work), register and deregister the
fields when the columns change.
Use the lower case version of the rest of the COL_* define for each
column as the field name.
This adds a number of conditions to "when are the columns needed",
including when the main display filter or any filter on a tap is
using one of these fields.
Custom columns are currently not implemented. For custom columns, the
tree then has to be further primed with any fields used by the custom
columns as well. (Perhaps that should happen in epan_dissect_run() -
are there any cases where we construct the columns and don't want to
prime with any field that custom columns contains? Possibly in taps
that we know only use build in columns.)
Thus, for performance reasons, you're better off matching an ordinary
field if possible; it takes extra time to generate the columns and many
of them are numeric types. (Note that you can always convert a non-string
field to a string field if you want regex matching, consult the
*wireshark-filter(4)* man page.) It does save a bit on typing (especially
for a multifield custom column) and remembering the column title might
be easier in some cases.
The columns are set before the color filters, which means that you
can have a color filter that depends on a built-in column like Info or
Protocol.
Remove the special handling for the -e option to tshark. Note that
the behavior is a little different now, because fixed field names
are used instead of the titles (using the titles allowed illegal
filter names, because it wasn't going through the filter engine.)
For default names, this means that they're no longer capitalized,
so "_ws.col.info" instead of "_ws.col.Info" - hopefully a small
price in exchange for the filters working everywhere.
The output format for -T fields remains the same; all that special
handling is removed (except for remembering if someone asked for
a column field to know that columns should be constructed.)
They're also set before the postdissectors, so postdissectors can
have access.
Anything that depends on whether a packet and previous packets are
displayed (COL_DELTA_TIME_DIS or COL_CUMULATIVE_BYTES) doesn't work
the way most people expect, so don't register fields for those.
(The same is already true of color filters that use those, along with
color filters that use the color filter fields.)
Fix #16576. Fix #17971. Fix #4684. Fix #13491. Fix #13941.
2023-05-01 12:02:18 +00:00
|
|
|
if (fill_col_exprs) {
|
|
|
|
|
pinfo->cinfo->col_expr.col_expr[i] = proto_registrar_get_nth(col_item->hf_id)->abbrev;
|
|
|
|
|
(void) g_strlcpy(pinfo->cinfo->col_expr.col_expr_val[i], pinfo->cinfo->columns[i].col_data, (col_item->col_fmt == COL_INFO) ? COL_MAX_INFO_LEN : COL_MAX_LEN);
|
|
|
|
|
}
|
2014-01-06 23:02:32 +00:00
|
|
|
break;
|
2010-04-30 20:49:41 +00:00
|
|
|
}
|
2001-04-01 07:32:35 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2009-09-06 13:35:27 +00:00
|
|
|
|
2011-04-09 04:33:26 +00:00
|
|
|
/*
|
|
|
|
|
* Fill in columns if we got an error reading the packet.
|
2014-01-06 23:07:48 +00:00
|
|
|
* We set most columns to "???", fill in columns that don't need data read
|
|
|
|
|
* from the file, and set the Info column to an error message.
|
2011-04-09 04:33:26 +00:00
|
|
|
*/
|
|
|
|
|
void
|
|
|
|
|
col_fill_in_error(column_info *cinfo, frame_data *fdata, const gboolean fill_col_exprs, const gboolean fill_fd_colums)
|
|
|
|
|
{
|
|
|
|
|
int i;
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item;
|
2011-04-09 04:33:26 +00:00
|
|
|
|
|
|
|
|
if (!cinfo)
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < cinfo->num_cols; i++) {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item = &cinfo->columns[i];
|
2014-01-06 23:02:32 +00:00
|
|
|
if (col_based_on_frame_data(cinfo, i)) {
|
2011-04-09 04:33:26 +00:00
|
|
|
if (fill_fd_colums)
|
|
|
|
|
col_fill_in_frame_data(fdata, cinfo, i, fill_col_exprs);
|
2015-06-27 03:00:33 +00:00
|
|
|
} else if (col_item->col_fmt == COL_INFO) {
|
2011-04-09 04:33:26 +00:00
|
|
|
/* XXX - say more than this */
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item->col_data = "Read error";
|
2014-01-06 23:02:32 +00:00
|
|
|
} else {
|
2015-06-27 03:00:33 +00:00
|
|
|
if (col_item->col_fmt >= NUM_COL_FMTS) {
|
2021-06-18 18:21:42 +00:00
|
|
|
ws_assert_not_reached();
|
2011-04-09 04:33:26 +00:00
|
|
|
}
|
|
|
|
|
/*
|
|
|
|
|
* No dissection was done, and these columns are set as the
|
|
|
|
|
* result of the dissection, so....
|
|
|
|
|
*/
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item->col_data = "???";
|
2011-04-09 04:33:26 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-03-08 23:17:58 +00:00
|
|
|
gboolean col_data_changed(void) {
|
2018-03-15 15:11:14 +00:00
|
|
|
gboolean cur_cdc = col_data_changed_;
|
2018-03-08 23:17:58 +00:00
|
|
|
col_data_changed_ = FALSE;
|
2018-03-15 15:11:14 +00:00
|
|
|
return cur_cdc;
|
2018-03-08 23:17:58 +00:00
|
|
|
}
|
epan: Register dynamic column fields and make them filterable
Make the text of each registered column a FT_STRING field that can be
filtered, prefixed with _ws.col - these work in display filters, filters
in taps, coloring rules, Wireshark read filters, and in the -Y, -R, -e,
and -j options to tshark. Use them as the default "Apply as Filter" value
for the columns that aren't handled by anything else currently.
Because only the columns formats that actually correspond to columns
get filled in (invisible columns work), register and deregister the
fields when the columns change.
Use the lower case version of the rest of the COL_* define for each
column as the field name.
This adds a number of conditions to "when are the columns needed",
including when the main display filter or any filter on a tap is
using one of these fields.
Custom columns are currently not implemented. For custom columns, the
tree then has to be further primed with any fields used by the custom
columns as well. (Perhaps that should happen in epan_dissect_run() -
are there any cases where we construct the columns and don't want to
prime with any field that custom columns contains? Possibly in taps
that we know only use build in columns.)
Thus, for performance reasons, you're better off matching an ordinary
field if possible; it takes extra time to generate the columns and many
of them are numeric types. (Note that you can always convert a non-string
field to a string field if you want regex matching, consult the
*wireshark-filter(4)* man page.) It does save a bit on typing (especially
for a multifield custom column) and remembering the column title might
be easier in some cases.
The columns are set before the color filters, which means that you
can have a color filter that depends on a built-in column like Info or
Protocol.
Remove the special handling for the -e option to tshark. Note that
the behavior is a little different now, because fixed field names
are used instead of the titles (using the titles allowed illegal
filter names, because it wasn't going through the filter engine.)
For default names, this means that they're no longer capitalized,
so "_ws.col.info" instead of "_ws.col.Info" - hopefully a small
price in exchange for the filters working everywhere.
The output format for -T fields remains the same; all that special
handling is removed (except for remembering if someone asked for
a column field to know that columns should be constructed.)
They're also set before the postdissectors, so postdissectors can
have access.
Anything that depends on whether a packet and previous packets are
displayed (COL_DELTA_TIME_DIS or COL_CUMULATIVE_BYTES) doesn't work
the way most people expect, so don't register fields for those.
(The same is already true of color filters that use those, along with
color filters that use the color filter fields.)
Fix #16576. Fix #17971. Fix #4684. Fix #13491. Fix #13941.
2023-05-01 12:02:18 +00:00
|
|
|
|
|
|
|
|
void
|
|
|
|
|
col_register_protocol(void)
|
|
|
|
|
{
|
|
|
|
|
/* This gets called by proto_init() before column_register_fields()
|
|
|
|
|
* gets called by the preference modules actually getting registered.
|
|
|
|
|
*/
|
2023-11-06 15:15:35 +00:00
|
|
|
if (proto_cols <= 0) {
|
epan: Register dynamic column fields and make them filterable
Make the text of each registered column a FT_STRING field that can be
filtered, prefixed with _ws.col - these work in display filters, filters
in taps, coloring rules, Wireshark read filters, and in the -Y, -R, -e,
and -j options to tshark. Use them as the default "Apply as Filter" value
for the columns that aren't handled by anything else currently.
Because only the columns formats that actually correspond to columns
get filled in (invisible columns work), register and deregister the
fields when the columns change.
Use the lower case version of the rest of the COL_* define for each
column as the field name.
This adds a number of conditions to "when are the columns needed",
including when the main display filter or any filter on a tap is
using one of these fields.
Custom columns are currently not implemented. For custom columns, the
tree then has to be further primed with any fields used by the custom
columns as well. (Perhaps that should happen in epan_dissect_run() -
are there any cases where we construct the columns and don't want to
prime with any field that custom columns contains? Possibly in taps
that we know only use build in columns.)
Thus, for performance reasons, you're better off matching an ordinary
field if possible; it takes extra time to generate the columns and many
of them are numeric types. (Note that you can always convert a non-string
field to a string field if you want regex matching, consult the
*wireshark-filter(4)* man page.) It does save a bit on typing (especially
for a multifield custom column) and remembering the column title might
be easier in some cases.
The columns are set before the color filters, which means that you
can have a color filter that depends on a built-in column like Info or
Protocol.
Remove the special handling for the -e option to tshark. Note that
the behavior is a little different now, because fixed field names
are used instead of the titles (using the titles allowed illegal
filter names, because it wasn't going through the filter engine.)
For default names, this means that they're no longer capitalized,
so "_ws.col.info" instead of "_ws.col.Info" - hopefully a small
price in exchange for the filters working everywhere.
The output format for -T fields remains the same; all that special
handling is removed (except for remembering if someone asked for
a column field to know that columns should be constructed.)
They're also set before the postdissectors, so postdissectors can
have access.
Anything that depends on whether a packet and previous packets are
displayed (COL_DELTA_TIME_DIS or COL_CUMULATIVE_BYTES) doesn't work
the way most people expect, so don't register fields for those.
(The same is already true of color filters that use those, along with
color filters that use the color filter fields.)
Fix #16576. Fix #17971. Fix #4684. Fix #13491. Fix #13941.
2023-05-01 12:02:18 +00:00
|
|
|
proto_cols = proto_get_id_by_filter_name("_ws.col");
|
|
|
|
|
}
|
2023-11-06 15:15:35 +00:00
|
|
|
if (proto_cols <= 0) {
|
epan: Register dynamic column fields and make them filterable
Make the text of each registered column a FT_STRING field that can be
filtered, prefixed with _ws.col - these work in display filters, filters
in taps, coloring rules, Wireshark read filters, and in the -Y, -R, -e,
and -j options to tshark. Use them as the default "Apply as Filter" value
for the columns that aren't handled by anything else currently.
Because only the columns formats that actually correspond to columns
get filled in (invisible columns work), register and deregister the
fields when the columns change.
Use the lower case version of the rest of the COL_* define for each
column as the field name.
This adds a number of conditions to "when are the columns needed",
including when the main display filter or any filter on a tap is
using one of these fields.
Custom columns are currently not implemented. For custom columns, the
tree then has to be further primed with any fields used by the custom
columns as well. (Perhaps that should happen in epan_dissect_run() -
are there any cases where we construct the columns and don't want to
prime with any field that custom columns contains? Possibly in taps
that we know only use build in columns.)
Thus, for performance reasons, you're better off matching an ordinary
field if possible; it takes extra time to generate the columns and many
of them are numeric types. (Note that you can always convert a non-string
field to a string field if you want regex matching, consult the
*wireshark-filter(4)* man page.) It does save a bit on typing (especially
for a multifield custom column) and remembering the column title might
be easier in some cases.
The columns are set before the color filters, which means that you
can have a color filter that depends on a built-in column like Info or
Protocol.
Remove the special handling for the -e option to tshark. Note that
the behavior is a little different now, because fixed field names
are used instead of the titles (using the titles allowed illegal
filter names, because it wasn't going through the filter engine.)
For default names, this means that they're no longer capitalized,
so "_ws.col.info" instead of "_ws.col.Info" - hopefully a small
price in exchange for the filters working everywhere.
The output format for -T fields remains the same; all that special
handling is removed (except for remembering if someone asked for
a column field to know that columns should be constructed.)
They're also set before the postdissectors, so postdissectors can
have access.
Anything that depends on whether a packet and previous packets are
displayed (COL_DELTA_TIME_DIS or COL_CUMULATIVE_BYTES) doesn't work
the way most people expect, so don't register fields for those.
(The same is already true of color filters that use those, along with
color filters that use the color filter fields.)
Fix #16576. Fix #17971. Fix #4684. Fix #13491. Fix #13941.
2023-05-01 12:02:18 +00:00
|
|
|
proto_cols = proto_register_protocol("Wireshark Columns", "Columns", "_ws.col");
|
|
|
|
|
}
|
|
|
|
|
static gint *ett[] = {
|
|
|
|
|
&ett_cols
|
|
|
|
|
};
|
|
|
|
|
proto_register_subtree_array(ett, G_N_ELEMENTS(ett));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
col_dissect(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
|
|
|
|
{
|
|
|
|
|
proto_item *ti;
|
|
|
|
|
proto_tree *col_tree;
|
|
|
|
|
|
|
|
|
|
column_info *cinfo = pinfo->cinfo;
|
|
|
|
|
|
|
|
|
|
if (!cinfo) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (proto_field_is_referenced(tree, proto_cols)) {
|
|
|
|
|
// XXX: Needed if we also create _ws.col.custom
|
|
|
|
|
//col_custom_set(tree, cinfo);
|
|
|
|
|
col_fill_in(pinfo, FALSE, TRUE);
|
|
|
|
|
ti = proto_tree_add_item(tree, proto_cols, tvb, 0, 0, ENC_NA);
|
|
|
|
|
proto_item_set_hidden(ti);
|
|
|
|
|
col_tree = proto_item_add_subtree(ti, ett_cols);
|
|
|
|
|
for (int i = 0; i < cinfo->num_cols; ++i) {
|
|
|
|
|
if (cinfo->columns[i].hf_id != -1) {
|
|
|
|
|
if (cinfo->columns[i].col_fmt == COL_CUSTOM) {
|
|
|
|
|
ti = proto_tree_add_string_format(col_tree, cinfo->columns[i].hf_id, tvb, 0, 0, get_column_text(cinfo, i), "%s: %s", get_column_title(i), get_column_text(cinfo, i));
|
|
|
|
|
} else {
|
|
|
|
|
ti = proto_tree_add_string(col_tree, cinfo->columns[i].hf_id, tvb, 0, 0, get_column_text(cinfo, i));
|
|
|
|
|
}
|
|
|
|
|
proto_item_set_hidden(ti);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2013-06-25 19:38:15 +00:00
|
|
|
/*
|
|
|
|
|
* Editor modelines
|
|
|
|
|
*
|
|
|
|
|
* Local Variables:
|
|
|
|
|
* c-basic-offset: 2
|
|
|
|
|
* tab-width: 8
|
|
|
|
|
* indent-tabs-mode: nil
|
|
|
|
|
* End:
|
|
|
|
|
*
|
|
|
|
|
* ex: set shiftwidth=2 tabstop=8 expandtab:
|
|
|
|
|
* :indentSize=2:tabSize=8:noTabs=true:
|
|
|
|
|
*/
|