Grouping fields in a dissector

@sindy - thanks, that works. However, wehn I click on such a field ("User-Name dissection" in your example) it doesn't highlight the range that the sub-fields cover.

That's because the field in the original tree in my example is a text item.

As said, I've used a quote from a dissector I happened to have open in text editor. Like many other methods of the Lua API, treeitem:add can handle several variants of parameters (some of them even not documented at all places), so if you use just a text label as its single parameter, like I did at that place, there is nothing related to that text label in the packet data, so there is nothing to be highlighted in the raw data pane.

You may definitely declare another protocol field like "emailaddr" which spans the complete portion of the buffer, so the code above would then change to

my_subtree=tree:add(emailaddr,buffer:range(0))
my_subtree:add(user,buffer:range(0,10))
my_subtree:add(host,buffer:range(11))

and if emailaddr, user, host have been previously properly defined as protocol fields, like

local emailaddr = ProtoField.string("my_proto.e-mail","complete e-mail address")
local user = ProtoField.string("my_proto.e-mail.user","user part")
local host = ProtoField.string("my proto.e-mail.host","host part")
my_proto.fields = {emailaddr,user,host}

then clicking on any of the three items will highlight the corresponding bytes in the raw data pane.

To say it all, in my original dissector

• the ranges for "user" and "host" parts are of course not defined statically like in the example; their sizes are determined by identifying the position of the @ symbol in the buffer,

• I would rather omit the label-only line completely, because the equivalent of "emailaddr" field given above is already provided by lower layer dissector, but it is not possible as I do not have access to the pointer to that tree item so I cannot hook my items below it.