Hello,
I m developing a dissector, and i am a first timer. I
would like to know how i’d better proceed to solve the following problem:
This is a typical structure of a packet belonging to
my protocol
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
| PACKET HEADER | MESSAGE
HEADER |
DATA [OPTIONAL]
|
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Packet (16 bytes) header is *ALWAYS* present. Message Header (32 bytes) is
present only if *START* flag is
set. A field in MH tell us which operation is going to be
executed (let’s call it OPTAG). OPTAG’s parameters
*USUALLY* are containted in the
same packet inside the paylod (DATA). *NOT
ALWAYS*: sometimes the protocol works like that:
Packet1:
I________Packet
Header
I I__________Flag
set: Start, Data
I I__________
SEQ = n
I
I
I________Message
Header
I__________Optag:
OP1
I
I
I_________ no data
present
No data (parameters) are present,as you can see up
here. This is not only suggested by the absence of data but also by the flag END
not set
Packet2:
I________Packet
Header
I I__________Flag
set: End, Data
I I__________
SEQ = n + 1
I
I
I
I_________ parameters
No Message Header is present here (that’s
because START flag is not set). END flag is set, and so isDATA. In fact this packet
contains the parameters of OP1.
Now, I would like to add the data (parameters) of the
second packet to the empty data field of the first. I have read something about
desegmentation but i’m uncertain
because usually between p1 and p2 there are intervening
packets. What I am sure of is that if *SEQ
FIELD* of P1 is n *SEQ FIELD*
of P2 is n+ 1.
I had thought about fragments even if p2 is not
properly a fragment of p1 (but a normal packet).
What I do not want is to show in the display p2 as a
fragment. I just want p1 to appear WITH PARAMETERS (taken from p2).
Could you give me some tips?
Thank you
