Wireshark-dev: [Wireshark-dev] OSB decode in wireshark
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: "ronnie sahlberg" <ronniesahlberg@xxxxxxxxx>
Date: Sun, 25 Mar 2007 21:42:10 +0000
List,

I have done some largish changes to the usb dissector to make it work
again after the switch to DLT189.

The dissector now decodes for example usm_memory_stick.pcap and other
such traces properly.

Please test and comment.  I have also checked in USB support for
conversations and hostlist tables from Jon Smirl.

I still have a lot of smaller patches pending but welcome any
comments/suggestions or help getting the usb dissector back on track
again.


Paolo, something curious in the traces.
The dissector now treats the first packet of a transaction as a
REQUEST and the second frame as a RESPONSE.
I.e. for each pari of SUBMIT/COMPLETE  the one that occurs first in
time is treasted as the REQUEST and the second one, the that is
generated as a reaction to the first one is a RESPONSE.

This is confusing for URB_INTERRUPT transactions since these always
start with a COMPLETE and end with a SUBMIT.
Since transactions can not flow backwards in time I here assing the
COMPLETE frame as a REQUEST.
Is this the intention of the kernel/libpcap ?