This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Data Structure of address defined in address.h

0

Hello! I want to put the protocol information which is dissected by Wireshark into SQL Server. Now I am planning to add codes in the function of add_packet_to_packet_list in file.c. And the place to insert new codes is somewhere after the line of

    row = packet_list_append(cinfo, fdata, &edt.pi);

I have figured out that the row equals to the column number minus one. However, I could not print out the source address and destination address. The parameter &edt.pi is used to save the protocol tree information including the src address and dst address. And I have noticed that for the parameter edt.pi.dl_src.data, its type is const void *. How could I get the string type of source address from this parameter? I am very confused. So Would you like to help me make it out? Thank you very much!

asked 05 Jul '13, 00:36

constance's gravatar image

constance
10224
accept rate: 0%

edited 07 Jul '13, 11:00

Guy%20Harris's gravatar image

Guy Harris ♦♦
17.4k335196

One Answer:

0

Its type is const void * because it points to a blob of address-type-dependent binary data.

If you want a human-readable text form for the address, you would have to use one of the address_to_str functions declared in epan/to_str.h.

answered 07 Jul '13, 10:58

Guy%20Harris's gravatar image

Guy Harris ♦♦
17.4k335196
accept rate: 19%

Thank you! I have solved this problem by printing out ip_to_str( (const guint8 *)edt.pi.net_src.data) if it's an IPV4 address.

(09 Jul '13, 21:19) constance