Hey guys, According to my capture, I don't have situations where ONE PDU spans over multiple TCP segment. In stead, mine is the other round: Single segment having multiple PDUs.
But using the folling code, what I observed is wireshark did put multiple PDU info inside the Detail Window after TCP, however these PDUs are always the same. But in the bottom hexdump window, they are definitely from different PDU. I noticed there has been a similar issue before Wireshark-dev: Re: [Wireshark-dev] Dissect multiple PDUs in one TCP Segment.<http://www.wireshark.org/lists/wireshark-dev/200705/msg00294.html> But again, it is not for single segment having multiple PDU. Anyone see the same issue? Thanks, Zongjun static void dissect_myproto(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) { gint offset = 0; // always points to the front gint available = 0; // how many bytes still available to consume while((available = tvb_reported_length_remaining(tvb, offset)) > 0) { printf("available = %d\n", available); /* make entry in the Protocol column on summary display */ if (check_col(pinfo->cinfo, COL_PROTOCOL)) col_set_str(pinfo->cinfo, COL_PROTOCOL, PSNAME); /* create the myproto protocol tree */ if (tree) { myproto_item = proto_tree_add_item(tree, proto_myproto, tvb, offset, -1, FALSE); myproto_tree = proto_item_add_subtree(myproto_item, ett_myproto); offset += dissect_MyProtoMessage_PDU(tvb,pinfo,myproto_tree); } printf("offset = %d\n", offset); if(tvb_reported_length_remaining(tvb, offset) > 0) { printf("haha, we get a multiple PDU. \n"); } } //while: }
_______________________________________________ Wireshark-dev mailing list [email protected] http://www.wireshark.org/mailman/listinfo/wireshark-dev
