Wireshark-dev: Re: [Wireshark-dev] Single TCP segment having multiple PDUs not working
Ronnie,
I could have 30 different kinds of messages and I just can't know the fix length. However, using tcp_dissect_pdus you have to give the fix length.
Zongjun
On 9/27/07,
ronnie sahlberg <ronniesahlberg@xxxxxxxxx> wrote:
try using tcp_dissect_pdus() to handle the case with pdus transported
ontop of tcp
it will take care of this for you automatically
On 9/28/07, Zongjun <qizongjun@xxxxxxxxx
> wrote:
> Hey guys,
>
> According to my capture, I don't have situations where ONE PDU spans over
> multiple TCP segment. In stead, mine is the other round: Single segment
> having multiple PDUs.
>
> But using the folling code, what I observed is wireshark did put multiple
> PDU info inside the Detail Window after TCP, however these PDUs are always
> the same. But in the bottom hexdump window, they are definitely from
> different PDU.
>
> I noticed there has been a similar issue before Wireshark-dev: Re:
> [Wireshark-dev] Dissect multiple PDUs in one TCP Segment.
> But again, it is not for single segment having multiple PDU.
>
> Anyone see the same issue?
>
> Thanks,
> Zongjun
>
>
> static void
> dissect_myproto(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
> {
> gint offset = 0; // always points to the front
> gint available = 0; // how many bytes still available to consume
>
> while((available = tvb_reported_length_remaining(tvb,
> offset)) > 0)
> {
> printf("available = %d\n", available);
>
>
>
>
> /* make entry in the Protocol column on summary display */
> if (check_col(pinfo->cinfo, COL_PROTOCOL))
> col_set_str(pinfo->cinfo, COL_PROTOCOL, PSNAME);
>
>
>
>
> /* create the myproto protocol tree */
> if (tree) {
> myproto_item = proto_tree_add_item(tree, proto_myproto, tvb, offset,
> -1, FALSE);
>
>
>
>
> myproto_tree = proto_item_add_subtree(myproto_item,
> ett_myproto);
>
> offset +=
> dissect_MyProtoMessage_PDU(tvb,pinfo,myproto_tree);
>
>
>
>
> }
> printf("offset = %d\n", offset);
>
>
>
>
> if(tvb_reported_length_remaining(tvb, offset) > 0)
> {
> printf("haha, we get a multiple PDU. \n");
> }
> } //while:
> }
>
>
> _______________________________________________
> Wireshark-dev mailing list
> Wireshark-dev@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-dev
>
>
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev
--
Thanks,
Zongjun