Re: fragment_add_..(), pinfo->src/dst, IP vs. TCP Session

[Guy Harris <guy () alum mit edu>]

On Jul 11, 2010, at 3:26 PM, David Aggeler wrote:

> I was asking on how to properly do reassembly before I started, but did 
> not get much more that references to tcp_dissect_pdus().

tcp_dissect_pdus() is useful *ONLY* for protocols that:

        run immediately atop TCP;

        have, for each PDU, a section at the beginning, guaranteed to be at least N bytes long for some value of N, and 
from which the length of the PDU can be determined;

and is only useful for reassembling pieces of TCP segments into a PDU for those protocols.

There are a *lot* of protocols like that, so it's very useful...

...but it's not the only mechanism for doing reassembly, and it shouldn't be suggested to people trying to do other 
forms of reassembly - for example, protocols running over something other than TCP, or having their own level of 
fragmentation over and above fragmentation into pieces of TCP segments.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe