Wireshark mailing list archives
Re: Conversation tracking
From: Tobias Weiss <tweiss () ra rockwell com>
Date: Thu, 10 May 2012 17:54:44 -0400
Thanks, this is working just fine. But in that case I suggest an update to README.developer as I copied the buggy source-code from there. Tobi Stephen Fisher <steve () stephen-fisher com> Sent by: wireshark-dev-bounces () wireshark org 05/10/2012 01:07 PM Please respond to Developer support list for Wireshark <wireshark-dev () wireshark org> To Developer support list for Wireshark <wireshark-dev () wireshark org> cc Subject Re: [Wireshark-dev] Conversation tracking ---- On Thu, 10 May 2012 10:26:46 -0600 Tobias Weiss wrote ----
I'm using conversation tracking and ran into an issue. My code looks like
this (as suggested in the README.developer):
conv = find_conversation(pinfo->fd->num, &pinfo->src, &pinfo->dst, pinfo->ptype, pinfo->srcport, pinfo->destport, 0); if(conv != NULL) { get conversation data } else { create conversation data with se_alloc() and add it to the
conversation }
When the dissectors main function is called for the first time,
find_conversation() returns a non-null pointer! As far as I understood it should return 0 as conversation_new() was never called for this address/port combination yet. What am I missing here? Using a dissector I wrote, packet-exec.c, as an example, I first called find_or_create_conversation(), then conversation_get_proto_data() and then check the return of that second function to see if I need to create the data: conversation = find_or_create_conversation(pinfo); /* Retrieve information from conversation * or add it if it isn't there yet */ hash_info = conversation_get_proto_data(conversation, proto_exec); if(!hash_info){ hash_info = se_alloc(sizeof(exec_hash_entry_t)); <<< set the variables here >>> conversation_add_proto_data(conversation, proto_exec, hash_info); } ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Conversation tracking Tobias Weiss (May 10)
- Re: Conversation tracking Stephen Fisher (May 10)
- Re: Conversation tracking Tobias Weiss (May 10)
- Re: Conversation tracking Stephen Fisher (May 10)
- Re: Conversation tracking Tobias Weiss (May 10)
- Re: Conversation tracking Tobias Weiss (May 11)
- Re: Conversation tracking Jeff Morriss (May 11)
- Re: Conversation tracking RUOFF, LARS (LARS) (May 11)
- Re: Conversation tracking Tobias Weiss (May 11)
- Re: Conversation tracking Evan Huus (May 11)
- Re: Conversation tracking Evan Huus (May 11)
- Re: Conversation tracking Tobias Weiss (May 14)
- Re: Conversation tracking Tobias Weiss (May 10)
- Re: Conversation tracking ronnie sahlberg (May 11)
- Re: Conversation tracking Stephen Fisher (May 10)