Wireshark mailing list archives
Dissector - How to add a new row to display next message payload in next row
From: Joe Leong <jleong () vtmgroup com>
Date: Thu, 2 Aug 2012 21:38:06 +0000
In the Developer's Guide, 9.4.2 How to reassemble split TCP Packets mentions "You also cannot assume that a TCP packet contains only one application layer message and that the message header is at the start of your TCP payload. More than one messages can be transmitted in one TCP packet, so that a message can start at an arbitrary position.". I have this situation and Would there be an example that show how to properly display the COL_INFO for the second TCP payload message as a separate (next) row? e.g. - Currently, my dissector performs the correction dissection on both messages, but I'm having to display the information for both messages on the same row within the "Info" column So it looks like No. Time Source Destination Protocol Info 1 232.1 10.1.1.1 10.1.1.2 XXXX DOG CAT What do I see to do to make the presentation look like No. Time Source Destination Protocol Info 1 232.1 10.1.1.1 10.1.1.2 XXXX DOG CAT or even No. Time Source Destination Protocol Info 1 232.1 10.1.1.1 10.1.1.2 XXXX DOG 1 232.1 10.1.1.1 10.1.1.2 XXXX CAT or perhaps No. Time Source Destination Protocol Info 1 232.1 10.1.1.1 10.1.1.2 XXXX DOG 2 232.1 10.1.1.1 10.1.1.2 XXXX CAT Basically, how do I allocate and display information to the next row from within my dissector? Thanks, Joe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Dissector - How to add a new row to display next message payload in next row Joe Leong (Aug 03)