Issue with dissector on top of TCP

[Juan Jose Martin Carrascosa <juanjo () rti com>]

Hi all,

I am writing a dissector on top of TCP (let's call it Wrapper). For a given
TCP segment, I see that the payload length is 1460 bytes. Within those
bytes, I have messages of my Wrapper protocol.  The message length of my
protocol for those messages is 72 bytes.

This is, 20 x messages = 1440. The remainder is 20 bytes. And those 20
bytes are not being dissected nor used at all. (I have verified all this
information). Those 20 messages are the beginning of a new Wrapper message,
but the message is not completed in that segment.

The issue is that the next TCP segment starts 20 bytes later, and thus, it
results in dissection errors since that packet, making Malformed Packets or
not dissected packets almost everything.

I would need to know which is the proper way to let TCP know that those 20
bytes have to be used for the next segment.

Do I have to do anything with the tvb? or on the other hand I have to play
with the return value?

I have spent already a lot of hours on this and can't figure it out. I hope
anyone has any advice for this.

Thanks,
Juanjo

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe