Wireshark mailing list archives

Add plugin timing statistics


From: <jayrturner99 () gmail com>
Date: Mon, 31 Aug 2020 10:20:38 -0500

I would like advice on adding timing statistics to a Wireshark plugin. I
have implemented a plugin for my company's proprietary protocol, which sits
on top of TCP/IP. I have added tap statistics to count various interesting
pieces of data. I would now like to calculate the time it takes for the
server to process commands.

Looking at a general flow in my protocol, a command is sent (PSH, ACK) and
an ACK occurs. Then later a (PSH, ACK) and an ACK occur for the response.

If I take the response (PSH, ACK) timestamp and subtract the command ACK
timestamp, I think this would be the best "how long did the server take to
process" time.

Do you have an idea of any better timing data I should consider?

With a dissector, I can look at my protocol. How would I look at my packet's
TCP/IP protocol and get the timestamp?

Then I would need to associate my command's timestamp with a response
timestamp. How might I do this? Using a tap? If so, how might I do this? I
know that my activity flow is - command (PSH, ACK), command ACK, response
(PSH, ACK), response ACK - so I know that if I'm in a command packet, the
response timestamp I need is two packets ahead, sequentially, in its
conversation. Are there calls to peek ahead?

So, if you have suggestions on places within the documentation or code that
I can study, please let me know.

Thank you,

Jay Turner
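
The timing rule described in the message above (response (PSH, ACK) timestamp minus command ACK timestamp), as an added example that is not part of the original post and is not Wireshark code. It keeps per-conversation state while packets arrive in order, so no look-ahead is needed. The types `seg_t` and `conv_t`, the function `conv_feed`, the sample capture, and the fallback to the command timestamp when the server's ACK rides on the response itself are all assumptions made for illustration.

```c
#include <stdio.h>
#include <stdint.h>

/* Constructed model of one TCP segment as a tap would see it (not Wireshark's types). */
enum { F_ACK = 0x10, F_PSH = 0x08 };
typedef struct { double ts; int from_server; uint8_t flags; uint32_t len; } seg_t;

/* Per-conversation state carried from packet to packet; no look-ahead needed. */
typedef enum { IDLE, CMD_SENT, CMD_ACKED } phase_t;
typedef struct { phase_t phase; double cmd_ts, ack_ts; } conv_t;

/* Feed one segment. Returns the server processing time in seconds when the
 * segment is a response, or -1.0 when the segment completes no measurement. */
double conv_feed(conv_t *c, const seg_t *s, int *used_ack)
{
    int data = (s->flags & F_PSH) && s->len > 0;
    if (!s->from_server && data) {            /* command (PSH, ACK) */
        c->phase = CMD_SENT;
        c->cmd_ts = s->ts;
    } else if (s->from_server && !data && (s->flags & F_ACK) && c->phase == CMD_SENT) {
        c->phase = CMD_ACKED;                 /* command ACK */
        c->ack_ts = s->ts;
    } else if (s->from_server && data && c->phase != IDLE) {
        /* response (PSH, ACK): subtract the command ACK time; if no separate
         * ACK was seen (assumed piggybacked), fall back to the command time. */
        *used_ack = (c->phase == CMD_ACKED);
        double start = *used_ack ? c->ack_ts : c->cmd_ts;
        c->phase = IDLE;
        return s->ts - start;
    }
    return -1.0;
}

int main(void)
{
    /* Constructed capture: command, command ACK, response, response ACK. */
    seg_t cap[] = {
        {10.000, 0, F_PSH | F_ACK, 64},  {10.002, 1, F_ACK, 0},
        {10.250, 1, F_PSH | F_ACK, 128}, {10.251, 0, F_ACK, 0},
    };
    conv_t c = { IDLE, 0, 0 };
    for (size_t i = 0; i < sizeof cap / sizeof cap[0]; i++) {
        int used_ack = 0;
        double d = conv_feed(&c, &cap[i], &used_ack);
        if (d >= 0)
            printf("processing time %.3f s (measured from %s)\n",
                   d, used_ack ? "command ACK" : "command");
    }
    return 0;
}
```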
