Wireshark-dev: Re: [Wireshark-dev] tcp_dissect_pdus. get reassemble TCP
On 10/15/2012 11:05 AM, Bill Meier wrote:
Hi Bill, I didn't finish the code, now i'm testing the function
tcp_dissect_pdus() to check whether it works. But i try to give specific
code in the below comment. besides that I have two questions: 1. I
cannot get the len in advance, for the protocol didn't give it... is
there any other way to get it? 2. for test, i set the return value of
get_foo_message_len fixed, like 2000. but the data i get is not
consecutive? confused...
===========
OK:
2. Re: "I cannot get the len in advance"
What determines when you have a complete PDU (which presumably
consists of TCP payload data which may extend over several packets).
Also: depending upon the exact format of your PDUs, it may not be
possible to use tcp_dissect_pdus() (since that approach requires some
way of determining the actual length of the PDU from information in an
initial part of the PDU).
If using tcp_dissect_pdus() is not possible, a significantly more
complex solution is required.
Reading through doc/README.developer, section 2.7.2, and thru the
following message thread may help.
https://www.wireshark.org/lists/wireshark-dev/200609/msg00174.html