Re: Conversation tracking

[Tobias Weiss <tweiss () ra rockwell com>]

Right now I'm puzzled: I wanted to use conversation tracking in order to 
save information about the state of the communication across packet 
dissection.

The dissector is called completely out of order (which is reasonable) but 
I get always the same conversation, even when dissecting an older packet 
than the last one. So saving the state of the communication is completely 
pointless if the same conversation is used for dissecting random packets. 
Here is an example just in case you don't understand my possibly weird 
English ;-)

I have a stream of 10 packets and something interesting was send in packet 
number 3. Now I want to save this information in the conversations data in 
order to reuse it when dissecting future packets. But the dissector is 
called randomly (which is ok) but always with the same conversation (which 
is absolutely not ok in this case).

I simply cannot rely on the saved information. So how am I supposed to use 
conversation tracking in a sane way (as far as I can see I can't _track_ 
anything)???

Tobi




Tobias Weiss <tweiss () ra rockwell com> 
Sent by: wireshark-dev-bounces () wireshark org
05/10/2012 06:03 PM
Please respond to
Developer support list for Wireshark <wireshark-dev () wireshark org>


To
Developer support list for Wireshark <wireshark-dev () wireshark org>
cc

Subject
Re: [Wireshark-dev] Conversation tracking







Section 2.2.3 (The example conversation code using se_alloc'd memory) from 
the trunk. 

Tobi 




Stephen Fisher <steve () stephen-fisher com> 
Sent by: wireshark-dev-bounces () wireshark org 
05/10/2012 05:59 PM 

Please respond to
Developer support list for Wireshark <wireshark-dev () wireshark org>


To
Developer support list for Wireshark <wireshark-dev () wireshark org> 
cc

Subject
Re: [Wireshark-dev] Conversation tracking









---- On Thu, 10 May 2012 15:54:44 -0600 Tobias Weiss  wrote ---- 

> Thanks, this is working just fine. 
>
> But in that case I suggest an update to README.developer as I copied the 
buggy source-code from there. 

Which section(s) were you copying the source code from?

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             
mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe