thank ,
but its still not working :-(
meybe the scenario im trying here is wrong .
it looks like this :
*i am trying to send two separate buffers , and dissect them as one message
.*
byte[] b1 = { 0, 3 }; //header
byte[] b2 = { 5, 5, 5 }; //data
*my dissector is for a 5 bytes message , and is successfull when i send the
message like this byte[] buffer = { 0, 3, 5, 5, 5 }; *
*my dissection code is :*
static guint get_message_len(packet_info *pinfo, tvbuff_t *tvb, int offset)
//a
{
return 3; // the value from the header that represents the
length of the data coming after the header
}
static void foo_msg_dissect(tvbuff_t *tvb, packet_info *pinfo, proto_tree
*tree)
{
tcp_dissect_pdus(tvb, pinfo, tree, TRUE, 2,get_message_len,
dissect_foo);
}
void dissect_mxm(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
if (check_col(pinfo->cinfo, COL_PROTOCOL))
col_set_str(pinfo->cinfo, COL_PROTOCOL, "mxm");
if (check_col(pinfo->cinfo,COL_INFO))
col_clear(pinfo->cinfo,COL_INFO);
if (tree) /* we are being asked for details */
{
proto_item *ti;
mxm *msg;
ti = proto_tree_add_item(tree, proto_mxm, tvb, 0, -1, FALSE);
tree = proto_item_add_subtree(ti, ett_mxm);
msg = ep_alloc(sizeof(mxm));
/* call the call dissection logic for my message . */
............
............
}
}
problem is my message is not being reassmbled .
When i try to dissect with this code , wireshark throws an exception for
each part of the buffer i send (b1 & b2) ,
and i see in the GUI only the header tree, but with different values (first
packet with the right header values , and 2nd packet with values from the
message itself . )
Thanks
Yonatan
2009/2/23 Stephen Fisher <[email protected]>
> On Mon, Feb 23, 2009 at 10:00:47AM +0200, ???????? ???????? wrote:
>
> > im refering to the
> > pinfo->desegment_offset & pinfo->desegment_len
>
> You do not need to modify those variables when using tcp_dissect_pdus.
>
> Those variables are used for more complex desegmentation for TCP as well
> as other protocols. Refer to section 2.7 of doc/README.developer for
> more details.
>
>
> Steve
>
> ___________________________________________________________________________
> Sent via: Wireshark-dev mailing list <[email protected]>
> Archives: http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
> mailto:[email protected]?subject=unsubscribe
>
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <[email protected]>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:[email protected]?subject=unsubscribe
