 | 1 | initial version |
There are generally 2 ways (that I'm aware of) to solve this, either by:
dissect_tcp_pdus() - refer to Section 11.6.8.2 of the Wireshark Developer's Guidedissect_tcp_pdus() does, either out of necessity or by preference.I've tried both methods in the past and generally prefer the 2nd of the two options, mainly because I've run into error handling limitations using dissect_tcp_pdus(). If you also want to try the 2nd method, then essentially just follow along with the fpm.lua example provided on the Wireshark Lua Examples Wiki Page under the A dissector tutorial with TCP-reassembly section.