Look at http://anonsvn.wireshark.org/wireshark/trunk/doc/README.developer 2.7.2 Modifying the pinfo struct.
Olivier Jarolin, Robert a écrit : > > I am working on a dissector for dissecting character string oriented > TCP messages. The messages are of variable length with no header > specifying the length. The message is considered finished when a '\n' > character is found. These messages may span multiple packets as well > as have multiple messages in 1 packet. > > I have only written dissectors that have header info that can be used > to return a length value for tcp_dissect_pdus to handle the > fragmentation. Since I cannot determine the length until I find a > '\n' character, how can I dissect these message types? > > Is there a way to parse a packet, get to the end of the packet, then > realize you need to continue the current dissection with the next > packet? If so, how? > > Thanks for any help! > > > Confidentiality Notice: This e-mail (including any attachments) is > intended only for the recipients named above. It may contain > confidential or privileged information and should not be read, copied > or otherwise used by any other person. If you are not a named > recipient, please notify the sender of that fact and delete the e-mail > from your system. > ------------------------------------------------------------------------ > > ___________________________________________________________________________ > Sent via: Wireshark-dev mailing list <[email protected]> > Archives: http://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev > mailto:[email protected]?subject=unsubscribe ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <[email protected]> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:[email protected]?subject=unsubscribe
