Re: composite tvbuffs

[Stephen Fisher <steve () stephen-fisher com>]

On Fri, Sep 24, 2010 at 05:33:25PM -0700, Scott Mueller wrote:

> Thank you for your response. I'm working with a multi-layered protocol 
> that relies on TCP/IP, and in some cases the contiguous payload that I 
> need to work with is spread out across several well-formed messages.

Have you looked at the reassembly information in README.developer, 
specifically section 2.7.2, "Modifying the pinfo struct" ?  That may do 
the job for you, especially if the messages span multiple TCP segments.  
The preceding section about using tcp_dissect_pdus could work too, but 
it's geared toward simple TCP reassembly.



___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe