Wireshark · Wireshark-dev: Re: [Wireshark-dev] Dissector global variable

Wireshark-dev: Re: [Wireshark-dev] Dissector global variable

From: Hans Glück <hanschris.glueck@xxxxxxxx>

Date: Tue, 1 Jul 2008 18:55:48 +0000 (GMT)

Hi,

Ok, I read through the documents but now I think it is not possible to realize my "problem"/task in wireshark.
I have a communication on 2-3 channels, ok therefor I could use conversations. But I want also that I can calculate the next expected frame on e.g. channel 1, therefor I extract the actual frame number out of frame n and increase it (="next calculated frame number"). Then I´ll compare the calculated frame number with the frame number of the next received frame n+1 on channel 1. But because of the random access of the capture file I do not know whether the "next calculated frame number" should be the same like the actual frame n+i. I couldn´t find out if the last dissected packet (where I calculate the "next calculated frame number") was really the predecessor of my actual frame. With the help of timestamps I can find out if the last dissected packet was A predecessor but not if it was THE predecessor of my actual frame. I could also check, if frame n-1 was already visited, but that doesn´t helps, too.

Am I wrong or is there a possibility?

Regards and Thanks
Chris

----- Ursprüngliche Mail ----
Von: Jaap Keuter <jaap.keuter@xxxxxxxxx>
An: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Gesendet: Montag, den 30. Juni 2008, 19:44:30 Uhr
Betreff: Re: [Wireshark-dev] Dissector global variable

Hi,

A global variable won't work for two reasons:
1. The capture file is accessed randomly.
2. You might have multiple exchanges you need to follow.

To tackle point 2 you can use conversations. Read about them in 
README.developer. To collect and keep track of protocol data across packets 
have a look at README.request_response_tracking.

Thanx,
Jaap

Hans Glück wrote:
> Hello, 
> 
> I´m writing a dissector and I want to implement "error recovery mode"/"flow control", therefor I need two gloabl variables where I can store some values (-> "next_expected_frame_to_be_recieved" and "next_expected_frame_to_be_send"). 
> I declared them at the beginning of my c-file: 
> static guint8 next_expected_frame_to_be_recieved = 0; 
> static guint8 next_expected_frame_to_be_send = 0; 
> 
> And I set value of this variables in my dissector code: 
> static void dissect_mux27010(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree){ 
>     ... 
>     if (received_successful()) { 
>         next_expected_frame_to_be_recieved++; 
>     } 
>     ... 
> } 
> 
> My problem is: Every time I click in Wireshark at packet the value is increased e.g. 
> click first packet -> next_expected_frame_to_be_recieved == 1 
> click second packet -> next_expected_frame_to_be_recieved == 2 
> click first packet -> next_expected_frame_to_be_recieved == 3 
> click second packet -> next_expected_frame_to_be_recieved == 4 
> 
> But what I want is that the variables are increased step-by-step/ ordered (if packet n is an ACK -> increase; if packet n+1 is an ACK -> increase...) 
> How can I realize this? 
> 
> Thanks for any advice. 
> Chris 
> 

_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
https://wireshark.org/mailman/listinfo/wireshark-dev

      __________________________________________________________
Gesendet von Yahoo! Mail.
Dem pfiffigeren Posteingang.
http://de.overview.mail.yahoo.com

Prev by Date: [Wireshark-dev] reassemble packets
Next by Date: [Wireshark-dev] Script using tshark
Previous by thread: [Wireshark-dev] reassemble packets
Next by thread: [Wireshark-dev] Script using tshark
Index(es):
- Date
- Thread