---- Guy Harris <[email protected]> wrote: ============= >Yes, that's what I said - a 3-byte BNP header and 250 bytes of BNP >data would have a count in the BNP header of 250, and the total length >of the packet, including the BNP header and the BNP data, would be 253.
sorry...mis-read >Therefore, to reassemble BNP packets - not to reassemble multi-message >stuff, just to reassemble the BNP header and data - you would use >tcp_dissect_pdus() in the dissector that handles the BNP header. The >fixed-length portion size handed to tcp_dissect_pdus() would be 3, to >cover the BNP header, and the get_pdu_len routine would fetch the byte >count from the BNP header, add 3 to it, and return the sum. Thanks, i have changed my code around and gotten the tcp_dissect_pdus() to work well. >The dissector routine called by tcp_dissect_pdus() will be handed one >BNP message - header plus data - at a time. That is exactly what it >is supposed to do, and what it should be doing. It would dissect the >BNP header, and then process the data appropriately. That might >involve doing its own reassembly, over and above the BNP-message >reassembly being done by the TCP dissector and tcp_dissect_pdus(), for >the multi-message stuff. i'm not really sure what i'm supposed to be looking into for doing my own assembly stuff. I was looking at reassemble.c as well as some packet-foo.c files that did their own reassembly, but i found them quite confusing. Is there any part of the reassemble.c file you would recommend, or an example file or anything you could point me at? Maybe a quick explanation of what are key parts in a self assembly? Thanks for all the help, Greg ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <[email protected]> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:[email protected]?subject=unsubscribe ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <[email protected]> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:[email protected]?subject=unsubscribe
