Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Protocol correctness analysis

From: Martin Visser <martinvisser99 () gmail com>
Date: Fri, 20 Apr 2012 10:01:20 +1000
I don't know about the code, but the RTP Stream analysis definitely does
this. RTP has a sequence number (rtp.seq) field that needs to increase
monotonically for a stream. You don't see the error in the normal packet
details, but you do when running the specific Telephony tool, as shown in
the screen shot below.

However I the TCP dissector obviously is able to analyse similar sequence
numbers - and is able to display things like TCP retransmissions with in
the TCP Sequence analysis section in the packet details.



[image: Inline images 1]

Regards, Martin

MartinVisser99 () gmail com


On 19 April 2012 21:48, Ilya Shvetsov <chvetsov () gmail com> wrote:




This sounds a bit like RTP. This is also analysed, through the use of the
tapping mechanism. Have a look at README.tapping (IIRC) and look at the
already available taps.

Thank you, i will dig into it


But anyway i would like to clarify, what i really need.
So there is set of parameters in our packets, some of them are changed
from packet to packet, some of them are not.

I'm looking for way to check, that all paramters was changed correctly.
 Like if i have packet number, i would like to know whether this number
increases monotonically or not. if not i would like to point user attention
on this moment.

i hope, this sheds more light on what really i want
--
With best regards
Ilya 'Akhil' Shvetsov


Thanks,
Jaap

Send from my iPhone

On 19 apr. 2012, at 11:17, Ilya Shvetsov <chvetsov () gmail com> wrote:

Hi, there!

I wroute my own dissector for our custom protocol. It works good. we are
very satisfied with wireshark.

But now i have task to check our protocol for errors. we implemented
reliable protocol over UDP, so we would like to check whether we have lost
packet or not. whether all packet's sequences complete or not. and so on.

the question is what is the best way to implement this?
I think it will be good to start this task not during cap file opening,
but by user request from menu?
if this possible, can you point me documentation for this?

--
With best regards
Ilya 'Akhil' Shvetsov



___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:     <http://www.wireshark.org/lists/wireshark-dev>
http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: <https://wireshark.org/mailman/options/wireshark-dev>
https://wireshark.org/mailman/options/wireshark-dev
              <wireshark-dev-request () wireshark org?subject=unsubscribe>
mailto:wireshark-dev-request () wireshark org?subject=unsubscribe<wireshark-dev-request () wireshark 
org?subject=unsubscribe>



___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request () wireshark org
?subject=unsubscribe




___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request () wireshark org?subject=unsubscribe



___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: