Thank you Olivier & Stephen I fixed my info problem and am now able to get my protocol dissected just the way I expect it to. Had a problem with my socket sending a ridiculous length -much more than the actual length and thus dissection couldn't start till the full length is available which in this case was impossible. Once fixed I have my protocol dissected just fine..
I realise though that TCP keeps record of the 1st segment before the full packet is available with the "reassembled segment", but not much of a concern as I still get my protocol tree when the whole packet is available. Definitely much easier than I thought. Regards Clifford ________________________________ From: wsgd <[email protected]> To: Developer support list for Wireshark <[email protected]> Sent: Friday, August 14, 2009 9:08:10 PM Subject: Re: [Wireshark-dev] Add the next Tvb packet to current tvb before dissecting Clifford Sibanda a écrit : > Thanks Olivier > > Actually I discovered the errors on storage class were because I > placed the tcp_dissect function within my main dissect function so I > have since moved it and at the moment I'm able to compile it right > through with no error. Now I just need to figure out how to get my > columns info and my protocol tree to reappear because now all I get is > my packet in the TCP protocol tree and column information indicating > that it is a TCP reassembled packet. It could be because tcp_dissect_pdus do not find the end of the pdu. Check that get_l2i_message_len returns a good length of message. > > ------------------------------------------------------------------------ > *From:* wsgd <[email protected]> > *To:* Developer support list for Wireshark <[email protected]> > *Sent:* Thursday, August 13, 2009 8:20:07 PM > *Subject:* Re: [Wireshark-dev] Add the next Tvb packet to current tvb > before dissecting > > > The warning is saying that the parameter 'pinfo' is NOT used inside the > function. > It is not important. > Try this : "packet_info *pinfo _U_," instead of "packet_info *pinfo," > (not sure that the warning will disappear). > > > The "storage" error ? > Absolutely not sure. > Try : > - remove the static keyword > - put the 2 functions in the same file where you call tcp_dissect_pdus > - put the 2 functions before the place where you call tcp_dissect_pdus > - do not declare function inside functions > > > > Olivier > > > Clifford Sibanda a écrit : > > Thank you Olivier for responding > > > > The reason why I attempted to do the reassemble the long way wa > > because using the tcp_dissect_pdus I get the following errors > > > > :647:error: invalid storage class for function 'dissect_l2i_message' > > for this line > > static void dissect_l2i_message(tvbuff_t *tvb, packet_info *pinfo, > > proto_tree *tree) > > { > > > > and same error for this line > > :652: error: invalid storage class for function 'get_l2i_message_len' > > for this line > > static guint get_l2i_message_len(packet_info *pinfo, tvbuff_t *tvb, > > int offset) > > { > > > > also > > a warning > > > > :651: warning: unused parameter 'pinfo' > > > > for the same line > > static guint get_l2i_message_len(packet_info *pinfo, tvbuff_t *tvb, > > int offset) > > { > > > > I'm not sure what it is that I'm doing wrong here > > > > I have taken note of void assignment by next_tvb= > > And i have removed it but I suppose if I can get the tcp_dissect_pdus > > to work for me the better because my protocol is running atop tcp. > > > > Regards > > > > Clifford > > ------------------------------------------------------------------------ > > *From:* wsgd <[email protected] <mailto:[email protected]>> > > *To:* Developer support list for Wireshark > <[email protected] <mailto:[email protected]>> > > *Sent:* Wednesday, August 12, 2009 8:27:38 PM > > *Subject:* Re: [Wireshark-dev] Add the next Tvb packet to current tvb > > before dissecting > > > > Hello, > > > > The displayed error says that tvb_set_child_real_data_tvbuff returns > > void (nothing). > > See epan/tvbuff.h > > So you are trying : next_tvb=void > > > > > > Other thing : > > I do not understand why you are trying to do reassembly by yourself > > since this is the goal of tcp_dissect_pdus. > > > > > > > > Olivier > > > > > > > > Clifford Sibanda a écrit : > > > > > > Good day > > > > > > I would like to get some assistance if anyone out there can. > > > > > > I am working a plugin dissector that handles data from an asynchronous > > > source. The asynchronous source first sends a packet with just the > > > message length of the next packet which contains the real data. > > > > > > What i would love to do is to keep this packet with just the length of > > > the next packet and append to it the next packet before I proceed with > > > dissecting.. > > > > > > I have tried using the tcp_dissect_pdus and the longer reassembly > > > method but I get this error using both methods: > > > > > > error: void value not ignored as it ought to be > > > > > > for this line > > > > > > next_tvb=tvb_set_child_real_data_tvbuff(tvb,next_tvb); > > > > > > I'm not sure what it is that I'm doing wrong > > > > > > And if there is a simpler way of just adding the next tvb without > > > going the reassemble route I would like to use that one > > > > > > Thank you > > > > > > Clifford Sibanda > > > Good day > > > > > > > > > > ------------------------------------------------------------------------ > > > > > > > > > ___________________________________________________________________________ > > > Sent via: Wireshark-dev mailing list > <[email protected] <mailto:[email protected]> > > <mailto:[email protected] > <mailto:[email protected]>>> > > > Archives: http://www.wireshark..org/lists/wireshark-dev > > <http://www.wireshark.org/lists/wireshark-dev> > > > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev > > > mailto:[email protected] > <mailto:[email protected]> > > <mailto:[email protected] > <mailto:[email protected]>>?subject=unsubscribe > > > > > ___________________________________________________________________________ > > Sent via: Wireshark-dev mailing list <[email protected] > <mailto:[email protected]> > > <mailto:[email protected] > <mailto:[email protected]>>> > > Archives: http://www.wireshark.org/lists/wireshark-dev > > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev > > mailto:[email protected] > <mailto:[email protected]> > > <mailto:[email protected] > <mailto:[email protected]>>?subject=unsubscribe > > > > ------------------------------------------------------------------------ > > > > > ___________________________________________________________________________ > > Sent via: Wireshark-dev mailing list <[email protected] > <mailto:[email protected]>> > > Archives: http://www.wireshark.org/lists/wireshark-dev > > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev > > mailto:[email protected] > <mailto:[email protected]>?subject=unsubscribe > > ___________________________________________________________________________ > Sent via: Wireshark-dev mailing list <[email protected] > <mailto:[email protected]>> > Archives: http://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev > mailto:[email protected] > <mailto:[email protected]>?subject=unsubscribe > > ------------------------------------------------------------------------ > > ___________________________________________________________________________ > Sent via: Wireshark-dev mailing list <[email protected]> > Archives: http://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev > mailto:[email protected]?subject=unsubscribe ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <[email protected]> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:[email protected]?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <[email protected]> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:[email protected]?subject=unsubscribe
