Add a description for the bitwise_and (&) operator.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10471 f5534014-38df-0310-8fa8-9805f1628bb7
author: obiot <obiot@f5534014-38df-0310-8fa8-9805f1628bb7> 2004-03-24 00:38:34 +0000
committer: obiot <obiot@f5534014-38df-0310-8fa8-9805f1628bb7> 2004-03-24 00:38:34 +0000
commit: 536a3accd1bc38958c4ce6527b06a8584e84f4ad (patch)
tree: 2c34bb69bb676588a4a9b794ddfc845e31b561f5 /doc
parent: 7e46a7722c24e5d2fb083bf908c6237246fed327 (diff)
1 files changed, 23 insertions, 0 deletions
diff --git a/doc/ethereal-filter.pod.template b/doc/ethereal-filter.pod.template
index 9ce2c00f68..fe455fd142 100644
--- a/doc/ethereal-filter.pod.template
+++ b/doc/ethereal-filter.pod.template
@@ -238,6 +238,29 @@ You can create complex concatenations of slices using the comma operator:
 
 	field[1,3-5,9:] == 01:03:04:05:09:0a:0b
 
+=head2 Bit field operations
+
+It is also possible to define tests with bit field operations. Currently the
+following bit field operation is supported:
+
+    bitwise_and, &	Bitwise AND
+
+The bitwise AND operation allows testing if one or more bits are set.
+Bitwise AND operates on integer protocol fields and slices.
+
+When testing for TCP SYN packets, once can write:
+
+    tcp.flags & 0x02
+
+Similarly, filtering for all WSP GET and extended GET methods is achieved with:
+
+    wsp.pdu_type & 0x40
+
+When using slices, the bit mask must be specified as byte string, and it must
+have the same number of bytes as the slice itself, as in:
+
+    ip[42:2] & 40:ff
+
 =head2 Logical expressions
 
 All the above tests can be combined together with logical expressions.
author	obiot <obiot@f5534014-38df-0310-8fa8-9805f1628bb7>	2004-03-24 00:38:34 +0000
committer	obiot <obiot@f5534014-38df-0310-8fa8-9805f1628bb7>	2004-03-24 00:38:34 +0000
commit	536a3accd1bc38958c4ce6527b06a8584e84f4ad (patch)
tree	2c34bb69bb676588a4a9b794ddfc845e31b561f5 /doc
parent	7e46a7722c24e5d2fb083bf908c6237246fed327 (diff)