Wireshark mailing list archives
Someone please help me on this Reassemly fragmentation
From: Raj sekar <mrajsekar () gmail com>
Date: Wed, 25 Feb 2015 17:07:48 +0800
i have a off-line capture file..
iam developing dissector for customised protocol
i have a old ethereal tool for the same protocol now iam developing in
wireshark.
My message pdu got 3 different message types
1. Beginning of message
2. continuation of message
3. end of message
in one Frame at a time it can receive any one of this message
when it End of message sequence comes i need to reassemble whole PDU
i have opened in ethereal tool and my output are like this
Frame Number Message type pollflag NS (sequence Number) NR
(SEquence ID) 283 Beginning of message 0 0 0 343 End of message
0 1 0 -> Reassembly done here 379 Beginning of message 0 2 1
414 Continuation
of message 0 3 1 416 Continuation of message 0 4 1 417 End of Message 1
5 1 -> Reassembly done here 536 Beginning of message 0 6 2 541 End
of meassage 0 7 2 -> Reassembly done here
I have used my code structure like this
guint32 rem_length;
guint8 iflag,pf,stype,flag_sel,num_sel,i,sflag; //
guint32 pdu_len;
guint8 save_fragmented;
gboolean more_frags = FALSE;
gboolean need_frag = FALSE;
const *data = NULL;
//tvbuff_t *try_tvb = NULL;
//proto_item *frag_tree_item;
tvbuff_t *rass_tvb = NULL;
tvbuff_t *mns_tvb = NULL;
guint32 msg_seqid;
guint32 mns_seqid = 0;
guint32 mns_seqnum = 0;
fragment_head *frag_msg = NULL;
gboolean reassembled = FALSE;
//guint32 reassembled_in = 0;
tvbuff_t * res_tvb = NULL;
fragment_head * frag_head = NULL;
proto_tree *ptree = NULL;
ptree = proto_tree_get_parent(tree);
pf = (tvb_get_guint8(next_tvb, offset_payload) & 0x40) >>6 ; //
Bit 7 pf
mns_seqnum = (tvb_get_ntohs(next_tvb, offset_payload) &
0x3ff00000) >>20; // 10 Bits are ns
offset_payload +=1;
mns_seqid = (tvb_get_ntohs(next_tvb, offset_payload) & 0x0ffc0000)
18; // 10 bits are nr
offset_payload +=1;
stype = (tvb_get_guint8(next_tvb, offset_payload) & 0x03) ; // 2
bits LSB are Stype
offset_payload -=2;
FT_BCnPDU_item = proto_tree_add_text(tree, next_tvb,
offset_payload, bctsdu_length, "BCnPDU (Formatted) : Information, I flag =
0x%02x, Pf = 0x%02x, Ns = 0x%02x, Nr = 0x%02x ",
iflag,pf,mns_seqnum,mns_seqid );
FT_BCnPDU_tree = proto_item_add_subtree(FT_BCnPDU_item,
ett_FT_BCnPDU);
proto_tree_add_text(FT_BCnPDU_tree, next_tvb, offset_payload, 1, "
bctsdu_length: %d", bctsdu_length);
proto_tree_add_text(FT_BCnPDU_tree, next_tvb, offset_payload, 1,
"I flag : 0x%02x (%s)", iflag,val_to_str(iflag,true_false_vals,"%s"));
proto_tree_add_text(FT_BCnPDU_tree, next_tvb, offset_payload, 1,
"Pf : 0x%02x (%d)", pf,pf);
proto_tree_add_text(FT_BCnPDU_tree, next_tvb, offset_payload, 2,
"Ns : 0x%02x (%d)", mns_seqnum,mns_seqnum);
offset_payload +=1;
bctsdu_length-=1;
proto_tree_add_text(FT_BCnPDU_tree, next_tvb, offset_payload, 2,
"Nr : 0x%02x (%d)", mns_seqid,mns_seqid);
offset_payload +=1;
bctsdu_length-=1;
proto_tree_add_text(FT_BCnPDU_tree, next_tvb, offset_payload, 1,
"BCnSegType : 0x%02x (%s)", stype,val_to_str(stype,BCn_Seg_Type_vals,"%s"));
offset_payload +=1;
bctsdu_length-=1;
switch (stype){
case 0x00: // Continuation of Message
msg_seqid=1;
bctsdu_length+=1;
rem_length = bctsdu_length;
proto_tree_add_text(FT_BCnPDU_tree, next_tvb, offset_payload,
rem_length , "PDU data : %d", rem_length);
break;
case 0x01: // Beginning of Message
msg_seqid=0;
BCnPDU_stype_item = proto_tree_add_text(FT_BCnPDU_tree,
next_tvb, offset_payload, 1, "%s",val_to_str(stype,BCn_Seg_Type_vals,"%s"));
BCnPDU_stype_tree = proto_item_add_subtree(BCnPDU_stype_item,
ett_BCnPDU_stype);
BCnPDU_bom_item = proto_tree_add_text(BCnPDU_stype_tree,
next_tvb, offset_payload, 1, "MACSAPFLAGS");
BCnPDU_bom_tree = proto_item_add_subtree(BCnPDU_bom_item,
ett_BCnPDU_bom);
temp_val = (tvb_get_guint8(next_tvb, offset_payload) & 0x80)
7 ; // Bit 8 - Flow Control
proto_tree_add_text(BCnPDU_bom_tree, next_tvb, offset_payload,
1, "Flow Control : 0x%02x (%s)", temp_val,val_to_str(temp_val,
true_false_vals,"%s"));
temp_val = (tvb_get_guint8(next_tvb, offset_payload) & 0x40)
6 ; // Bit 7 - Reserved l
proto_tree_add_text(BCnPDU_bom_tree, next_tvb, offset_payload,
1, "Reserved l : 0x%02x (%d)", temp_val,temp_val);
temp_val = (tvb_get_guint8(next_tvb, offset_payload) & 0x20)
5 ; // Bit 6 - Expedited
proto_tree_add_text(BCnPDU_bom_tree, next_tvb, offset_payload,
1, "Expedited : 0x%02x (%s)", temp_val,val_to_str(temp_val,
true_false_vals,"%s"));
temp_val = (tvb_get_guint8(next_tvb, offset_payload) & 0x10)
4 ; // Bit 5 - OAM PDU Flag
proto_tree_add_text(BCnPDU_bom_tree, next_tvb, offset_payload,
1, "OAM PDU Flag : 0x%02x (%s)", temp_val,val_to_str(temp_val,
true_false_vals,"%s"));
temp_val = (tvb_get_guint8(next_tvb, offset_payload) & 0x08)
3 ; // Bit 4 - Reserved 2
proto_tree_add_text(BCnPDU_bom_tree, next_tvb, offset_payload,
1, "Reserved 2 : 0x%02x (%d)", temp_val,temp_val);
pdu_len = (tvb_get_ntohl(next_tvb, offset_payload) &
0x07ff0000) >>16; // PDU Length - 11 Bits
proto_tree_add_text(BCnPDU_bom_tree, next_tvb, offset_payload,
2, "PDU Length : 0x%02x (%d)", pdu_len,pdu_len);
offset_payload+=2;
bctsdu_length-=2;
if (rem_length >= pdu_len){
rem_length-=2;
proto_tree_add_text(BCnPDU_bom_tree, next_tvb, offset_payload,
rem_length, "PDU data (if) : %d ", rem_length);
} else {
proto_tree_add_text(BCnPDU_bom_tree, next_tvb, offset_payload,
rem_length, "PDU data (else) : %d ", rem_length);
}
break;
case 0x02: // End of Message
msg_seqid=2;
bctsdu_length+=2;
more_frags=TRUE;
rem_length = bctsdu_length;
rem_length-=2;
proto_tree_add_text(FT_BCnPDU_tree, next_tvb, offset_payload,
rem_length , "PDU data : %d", rem_length);
disable_CRC=1;
break;
case 0x03: // Single Segment Message
// No need of fragmentation and reassembly
offset_payload+=1;
bctsdu_length-=1;
if (bctsdu_length>0){
ALSIGPDU(next_tvb, pinfo, tree);
}
break;
}
if ( stype==0x01 || stype==0x02 || stype==0x00 ){
pinfo->fragmented = TRUE;
save_fragmented = pinfo->fragmented;
frag_head = fragment_add_check(&mns_reassembly_table,
next_tvb,
offset_payload,
pinfo,
msg_seqid,
NULL,
mns_seqid,
pdu_length,
((msg_seqid == 2)?0:1));
if (frag_head != NULL) {
col_append_str(pinfo->cinfo, COL_INFO, "
[Fragment Successful]");
} else {
col_append_str(pinfo->cinfo, COL_INFO, "
[Fragment Not Successful]");
}
save_fragmented = pinfo->fragmented;
pinfo->fragmented = FALSE;
res_tvb = process_reassembled_data( next_tvb,
offset_payload, pinfo, "Reassembled PDU", frag_head, &mns_frag_items, NULL,
FT_BCnPDU_tree );
save_fragmented = pinfo->fragmented;
pinfo->fragmented = FALSE;
if (res_tvb) {
col_append_str(pinfo->cinfo, COL_INFO, " [mns
reassembled]");
} else {
col_append_str(pinfo->cinfo, COL_INFO, "[mns
not reassembled ]");
}
offset_payload+=rem_length;
bctsdu_length-=rem_length;
}
I dont have any clue my fragmentation always not succesful. please help.
Thanks
Best Regards
Raj
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Someone please help me on this Reassemly fragmentation Raj sekar (Feb 25)
- Re: Someone please help me on this Reassemly fragmentation Pascal Quantin (Feb 25)
- Message not available
- Re: Someone please help me on this Reassemly fragmentation Pascal Quantin (Feb 25)
- Re: Someone please help me on this Reassemly fragmentation Raj sekar (Feb 25)
- Re: Someone please help me on this Reassemly fragmentation Pascal Quantin (Feb 25)
- Message not available
- Re: Someone please help me on this Reassemly fragmentation Pascal Quantin (Feb 25)