Hey Didier,
I put "offset_thisRound =
dissect_MyProtoMessage_PDU(tvb,pinfo,myproto_tree); " after if(tree){...},
and IT WORKS! I can have multiple different PDUs in one segment! Amazing!
The only thing is now I get much frequenter cases of "malformed packet".
I don't understand your point #3. You mean put it outside if(tree){...}, or
outside while (){...}
Here is my current code:
static void
dissect_myproto(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
gint offset = 0; // always points to the front
gint available = 0; // how many bytes still available to consume
gint offset_thisRound = 0;
while((available = tvb_reported_length_remaining(tvb, offset)) > 0)
{
printf("available = %d\n", available);
/* make entry in the Protocol column on summary display */
if (check_col(pinfo->cinfo, COL_PROTOCOL))
col_set_str(pinfo->cinfo, COL_PROTOCOL, PSNAME);
/* create the myproto protocol tree */
if (tree) {
myproto_item = proto_tree_add_item(tree, proto_myproto, tvb, offset,
-1, FALSE);
myproto_tree = proto_item_add_subtree(myproto_item, ett_myproto);
}
offset_thisRound = dissect_MyProtoMessage_PDU(tvb,pinfo,myproto_tree);
offset += offset_thisRound;
} //while:
}
On 9/27/07, Didier <[EMAIL PROTECTED]> wrote:
>
> *On Thu, 27 Sep 2007 13:13:17 -0700, Zongjun wrote*
> > On 9/27/07, Zongjun <[EMAIL PROTECTED]> wrote:
> >
> > Hey Didier,
> > >
> > > You mean like
>
>
> >
> > gint offset_thisRound = 0; // of course, outside if(tree)block.
> >
> >
> >
> > if (tree) {
> > > myproto_item = proto_tree_add_item(tree, proto_myproto, tvb,
> > offset, -1, FALSE);
> > > myproto_tree = proto_item_add_subtree(myproto_item,
> > ett_myproto);
> > > offset_thisRound =
> > dissect_MyProtoMessage_PDU(tvb,pinfo,myproto_tree);
> > > }
> > > offset += offset_thisRound;
> > >
> > > I tried but still the same result.
> > No you have to:
> > 1) compute offset_thisRound outside 'if (tree)' otherwise you'll get and
> > endless loop if tree is null, if you unset coloring and reload the file for
> > example.
> >
> > 2) call dissect_MyProtoMessage_PDU with the new offset.
> > while(...) {
> > offset_thisRound = dissect_MyProtoMessage_PDU(tvb,pinfo,offset, tree);
> > offset += offset_thisRound;
> > }
> >
> > 3) IMO myproto_item = proto_tree_add_item(tree, proto_myproto, tvb,
> > offset, -1, FALSE); should be outside the loop, inside it breaks the
> > protocol hierarchy statistic.
> >
> > Thanks,
> > Zongjun
> > >
> >
> > >
> > > On 9/27/07, Didier <[EMAIL PROTECTED]> wrote:
> > >
> > >
> > > >
> > > > Hi*
> > > > On Thu, 27 Sep 2007 12:02:32 -0700, Zongjun wrote*
> > > > > Hey guys,
> > > > >
> > > > > According to my capture, I don't have situations where ONE PDU
> > > spans over multiple TCP segment. In stead, mine is the other round: Single
> > > segment having multiple PDUs.
> > > > >
> > > > > But using the folling code, what I observed is wireshark did put
> > > multiple PDU info inside the Detail Window after TCP, however these PDUs
> > > are
> > > always the same. But in the bottom hexdump window, they are definitely
> > > from
> > > different PDU.
> > > > >
> > > > > I noticed there has been a similar issue before Wireshark-dev: Re:
> > > [Wireshark-dev] Dissect multiple PDUs in one TCP
> > > Segment.<http://www.wireshark.org/lists/wireshark-dev/200705/msg00294.html>
> > > > > But again, it is not for single segment having multiple PDU.
> > > > >
> > > > > Anyone see the same issue?
> > > > >
> > > > > Thanks,
> > > > > Zongjun
> > > > >
> > > > > static void
> > > > > dissect_myproto(tvbuff_t *tvb, packet_info *pinfo, proto_tree
> > > *tree)
> > > > > {
> > > > > gint offset = 0; // always points to the front
> > > > > gint available = 0; // how many bytes still available to consume
> > > > >
> > > > > while((available = tvb_reported_length_remaining(tvb, offset)) >
> > > 0)
> > > > > {
> > > > > printf("available = %d\n", available);
> > > > >
> > >
> > >
> > > > > /* make entry in the Protocol column on summary display */
> > > > > if (check_col(pinfo->cinfo, COL_PROTOCOL))
> > > > > col_set_str(pinfo->cinfo, COL_PROTOCOL, PSNAME);
> > > > >
> > >
> > >
> > > > > /* create the myproto protocol tree */
> > > > > if (tree) {
> > > >
> > > > > myproto_item = proto_tree_add_item(tree, proto_myproto,
> > > tvb, offset, -1, FALSE);
> > > > >
> > >
> > >
> > > > > myproto_tree = proto_item_add_subtree(myproto_item,
> > > ett_myproto);
> > > > >
> > > > > offset +=
> > > dissect_MyProtoMessage_PDU(tvb,pinfo,myproto_tree);
> > > > offset computation should always be outside if (tree) block .
> > > > >
> > >
> > >
> > > > > }
> > > > > printf("offset = %d\n", offset);
> > > > >
> > >
> > >
> > > > > if(tvb_reported_length_remaining(tvb, offset) > 0)
> > > > > {
> > > > > printf("haha, we get a multiple PDU. \n");
> > > > > }
> > > > > } //while:
> > > > > }
> > > >
> > > >
> > > > _______________________________________________
> > > > Wireshark-dev mailing list
> > > > [email protected]
> > > > http://www.wireshark.org/mailman/listinfo/wireshark-dev
> > > >
> > > >
> >
> >
> > >
> >
> > > --
> > > Thanks,
> > > Zongjun
> >
>
> >
>
> > --
> > Thanks,
> > Zongjun
>
>
>
> _______________________________________________
> Wireshark-dev mailing list
> [email protected]
> http://www.wireshark.org/mailman/listinfo/wireshark-dev
>
>
--
Thanks,
Zongjun
_______________________________________________
Wireshark-dev mailing list
[email protected]
http://www.wireshark.org/mailman/listinfo/wireshark-dev
