Wireshark-dev: Re: [Wireshark-dev] Single TCP segment having multiple PDUs not working
From: Zongjun <qizongjun@xxxxxxxxx>
Date: Thu, 27 Sep 2007 16:30:00 -0700
Ronnie,

I could have 30 different kinds of messages and I just can't know the fix length. However, using tcp_dissect_pdus you have to give the fix length.

Zongjun

On 9/27/07, ronnie sahlberg <ronniesahlberg@xxxxxxxxx> wrote:
try using tcp_dissect_pdus() to handle the case with pdus transported
ontop of tcp
it will take care of this for you automatically


On 9/28/07, Zongjun <qizongjun@xxxxxxxxx > wrote:
> Hey guys,
>
> According to my capture, I don't have situations where ONE PDU spans over
> multiple TCP segment. In stead, mine is the other round: Single segment
> having multiple PDUs.
>
> But using the folling code, what I observed is wireshark did put multiple
> PDU info inside the Detail Window after TCP, however these PDUs are always
> the same. But in the bottom hexdump window, they are definitely from
> different PDU.
>
> I noticed there has been a similar issue before Wireshark-dev: Re:
> [Wireshark-dev] Dissect multiple PDUs in one TCP Segment.
> But again, it is not for single segment having multiple PDU.
>
> Anyone see the same issue?
>
> Thanks,
> Zongjun
>
>
> static void
> dissect_myproto(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
> {
> gint offset = 0; // always points to the front
> gint available = 0; // how many bytes still available to consume
>
> while((available = tvb_reported_length_remaining(tvb,
> offset)) > 0)
>     {
>       printf("available = %d\n", available);
>
>
>
>
>       /* make entry in the Protocol column on summary display */
>       if (check_col(pinfo->cinfo, COL_PROTOCOL))
>         col_set_str(pinfo->cinfo, COL_PROTOCOL, PSNAME);
>
>
>
>
>       /* create the myproto protocol tree */
>       if (tree) {
>         myproto_item = proto_tree_add_item(tree, proto_myproto, tvb, offset,
> -1, FALSE);
>
>
>
>
>         myproto_tree = proto_item_add_subtree(myproto_item,
> ett_myproto);
>
>         offset +=
> dissect_MyProtoMessage_PDU(tvb,pinfo,myproto_tree);
>
>
>
>
>       }
>       printf("offset = %d\n", offset);
>
>
>
>
>       if(tvb_reported_length_remaining(tvb, offset) > 0)
>         {
>           printf("haha, we get a multiple PDU. \n");
>         }
>    } //while:
> }
>
>
> _______________________________________________
> Wireshark-dev mailing list
> Wireshark-dev@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-dev
>
>
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev



--
Thanks,
Zongjun