Wireshark mailing list archives
Re: Buffering packets for dissection
From: Andreas <andreas.akesson () kolumbus fi>
Date: Thu, 29 Jul 2010 06:51:38 +0000 (UTC)
Jaap Keuter <jaap.keuter@...> writes:
Hi, It looks like you want to packetize a streaming protocol in a datagram protocol. That causes inherent problems. You may want to consider packing in TCP, a stream oriented protocol, which should have better support in Wireshark. I know that RTP is a streaming datagram protocol, and uses specific RTP support routines in Wireshark. Thanks, Jaap
Hi, I've checked out the tutorial about reassembling TCP fragments, but it seems tcp_dissect_pdus() needs a fixed size header, which this protocol (TFO) doesn't have. Well, okay, the frames and messages do have headers, but they can only be obtained after reassembly; I need to extract every 16th byte's LSB, and one message can consist of 30 to 130 bits. Also, the length of the message depends on the bits in parts of the message, indicating if another part will follow or not. Br. Andreas ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Buffering packets for dissection andreas . akesson (Jul 26)
- Re: Buffering packets for dissection Jaap Keuter (Jul 26)
- Re: Buffering packets for dissection Andreas (Jul 27)
- Re: Buffering packets for dissection Jaap Keuter (Jul 28)
- Re: Buffering packets for dissection Andreas (Jul 28)
- Re: Buffering packets for dissection Andreas (Jul 27)
- Re: Buffering packets for dissection Jaap Keuter (Jul 26)