This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Macro with matches

0

Hi, I was trying to define some macros using the matches operator but I get not result, just a error of the macro definition. After reading the wireshark doc I get no error with that example but what I want to set is something like:

tcp matches "([x90])\1{$1,}" --> this would find $1 times the x90 opcode. I've called this macro BO and I've tried the following without success.:

${BO:100} $BO{100}

The problem is not the matches operator because this work --> tcp matches "$1". So, for some reason the macro doesn't work when you use hex digit

Any ideas? Thank you in advance

asked 09 Dec '11, 00:20

BorjaMerino's gravatar image

BorjaMerino
21337
accept rate: 0%

edited 09 Dec '11, 05:28


One Answer:

3

Have a look at bug 6613

UPDATE: now fixed (as of SVN 40867)

answered 10 Dec '11, 03:35

SYN-bit's gravatar image

SYN-bit ♦♦
17.1k957245
accept rate: 20%

edited 06 Feb '12, 15:10

helloworld's gravatar image

helloworld
3.1k42041