"Global" TCP stream variables for a dissector.
Hi all,
I am kinda new to the development of Wireshark dissectors and could not really find a good answer on this. I designed two dissectors; with one I have the following problem:
I have a lot of TCP packets, and among the packets that are sent are keep-alive packets with information about what kind of system it is. Now I do need to save this information for the dissector, because with this information I can make the right decisions in the parsing part.
So what I basically need to do is create a table and link information to an IP, and depending on that information my dissector should make different decisions when the packet belongs to that IP (system), because one system has different opcodes than another system.
Can anybody point me in the right direction? Do I need a tap or anything?
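
Added example, not part of the original post: a Wireshark Lua dissector that keeps the table described above (source IP to system type learned from keep-alives) and pins the result to each frame, so re-dissecting a packet out of order still picks the right opcode set. The protocol name, the byte layout (byte 0 = message type, byte 1 = system type or opcode), the values and port 9000 are all assumptions, as is one message per TCP segment.

```lua
-- Hypothetical protocol "myproto": layout, values and port are assumptions.
local myproto = Proto("myproto", "Example protocol with per-host opcode sets")

local f_msgtype = ProtoField.uint8("myproto.msgtype", "Message type", base.HEX)
local f_systype = ProtoField.uint8("myproto.systype", "System type", base.HEX)
local f_opcode  = ProtoField.uint8("myproto.opcode", "Opcode", base.HEX)
myproto.fields = { f_msgtype, f_systype, f_opcode }

local KEEPALIVE = 0x01            -- assumed message type of a keep-alive
local OPCODES = {                 -- assumed opcode names per system type
    [0x0A] = { [0x10] = "Read",  [0x11] = "Write" },
    [0x0B] = { [0x10] = "Start", [0x11] = "Stop"  },
}

local host_systype  = {}  -- source IP string -> system type last announced
local frame_systype = {}  -- frame number -> system type in effect at that frame

-- Wireshark calls init() when a capture is (re)loaded: drop stale state.
function myproto.init()
    host_systype, frame_systype = {}, {}
end

function myproto.dissector(buffer, pinfo, tree)
    if buffer:len() < 2 then return 0 end
    pinfo.cols.protocol = "MYPROTO"
    local subtree = tree:add(myproto, buffer())
    local msgtype = buffer(0, 1):uint()
    subtree:add(f_msgtype, buffer(0, 1))

    local host = tostring(pinfo.src)
    if not pinfo.visited then
        -- First sequential pass only: learn from keep-alives, then pin the
        -- current answer to this frame so later random-access lookups agree.
        if msgtype == KEEPALIVE then
            host_systype[host] = buffer(1, 1):uint()
        end
        frame_systype[pinfo.number] = host_systype[host]
    end

    if msgtype == KEEPALIVE then
        subtree:add(f_systype, buffer(1, 1))
    else
        local names = OPCODES[frame_systype[pinfo.number]]
        local name = names and names[buffer(1, 1):uint()] or "unknown"
        subtree:add(f_opcode, buffer(1, 1)):append_text(" (" .. name .. ")")
    end
    return buffer:len()
end

DissectorTable.get("tcp.port"):add(9000, myproto)  -- assumed port
```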