Wireshark mailing list archives
Re: tcp_dissect_pdus. get reassemble TCP
From: Bill Meier <wmeier () newsguy com>
Date: Mon, 15 Oct 2012 14:39:16 -0400
On 10/15/2012 11:05 AM, Bill Meier wrote:
Hi Bill, I didn't finish the code, now i'm testing the function tcp_dissect_pdus() to check whether it works. But i try to give specific code in the below comment. besides that I have two questions: 1. I cannot get the len in advance, for the protocol didn't give it... is there any other way to get it? 2. for test, i set the return value of get_foo_message_len fixed, like 2000. but the data i get is not consecutive? confused... =========== OK: 2. Re: "I cannot get the len in advance" What determines when you have a complete PDU (which presumably consists of TCP payload data which may extend over several packets).
Also: depending upon the exact format of your PDUs, it may not be possible to use tcp_dissect_pdus() (since that approach requires some way of determining the actual length of the PDU from information in an initial part of the PDU).
If using tcp_dissect_pdus() is not possible, a significantly more complex solution is required.
Reading through doc/README.developer, section 2.7.2, and thru the following message thread may help.
https://www.wireshark.org/lists/wireshark-dev/200609/msg00174.html ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- tcp_dissect_pdus. get reassemble TCP Bill Meier (Oct 15)
- Re: tcp_dissect_pdus. get reassemble TCP Bill Meier (Oct 15)
- <Possible follow-ups>
- Re: tcp_dissect_pdus. get reassemble TCP Siyang Xiong (Oct 15)
- Re: tcp_dissect_pdus. get reassemble TCP Anders Broman (Oct 15)
- Re: tcp_dissect_pdus. get reassemble TCP Siyang Xiong (Oct 16)