Revision history - Ask Wireshark

get_foo_message_len - What should this function return?

Example from the Wireshark documentation:

/* determine PDU length of protocol foo / static guint get_foo_message_len(packet_info *pinfo _U_, tvbuff_t *tvb, int offset, void *data _U_) { / TODO: change this to your needs / return (guint)tvb_get_ntohl(tvb, offset+4); / e.g. length is at offset 4 */ }

Here is the raw data imported into wireshark 000000 0a 01 00 00 00 00 00 10 03 0a 02 00 00 00 00 00 11 03

The raw data shows 2 messages. A message ends with 03.

first call to get_foo_message_len(...)

 the tvb buffer contains the following:
      tvb 0 = 10
      tvb 1 =   1
      tvb 2 =   0
      tvb 3 =   0
      tvb 4 =   0
      tvb 5 =   0
      tvb 6 =   0
      tvb 7 = 16
      tvb 8 =   3
      tvb 9 = 10

The 1st message ends a tvb 8. The next message begins with tvb 9. What should the get_foo_message_len return? tvb 9 = 10

get_foo_message_len - What should this function return?

Example from the Wireshark documentation:

/* determine PDU length of protocol foo / */ static guint get_foo_message_len(packet_info *pinfo _U_, tvbuff_t *tvb, int offset, void *data _U_) { / /* TODO: change this to your needs / */ return (guint)tvb_get_ntohl(tvb, offset+4); / /* e.g. length is at offset 4 */ }}

Here is the raw data imported into wireshark 000000 0a 01 00 00 00 00 00 10 03 0a 02 00 00 00 00 00 11 03

The raw data shows 2 messages. A message ends with 03.

first call to get_foo_message_len(...)

the tvb buffer contains the following: tvb 0 = 10 tvb 1 = 1 tvb 2 = 0 tvb 3 = 0 tvb 4 = 0 tvb 5 = 0 tvb 6 = 0 tvb 7 = 16 tvb 8 = 3 tvb 9 = 10

The 1st message ends a tvb 8. The next message begins with tvb 9. What should the get_foo_message_len return? tvb 9 = 10

get_foo_message_len - What should this function return?

Example from the Wireshark documentation:

/* determine PDU length of protocol foo */
static guint
get_foo_message_len(packet_info *pinfo _U_, tvbuff_t *tvb, int offset, void *data
_U_)
{
/* TODO: change this to your needs */
return (guint)tvb_get_ntohl(tvb, offset+4); /* e.g. length is at offset 4 */
}

Here is the raw data imported into ~~wireshark~~ wireshark

000000 0a 01 00 00 00 00 00 10 03 0a 02 00 00 00 00 00 11 0303

The raw data shows 2 messages. A message ends with 03.

first call to get_foo_message_len(...)

 the tvb buffer contains the following:
      tvb 0 = 10
      tvb 1 =   1
      tvb 2 =   0
      tvb 3 =   0
      tvb 4 =   0
      tvb 5 =   0
      tvb 6 =   0
      tvb 7 = 16
      tvb 8 =   3
      tvb 9 = 10

The 1st message ends a tvb 8. The next message begins with tvb 9. What should the get_foo_message_len return? tvb 9 = 10

get_foo_message_len - What should this function return?

Example from the Wireshark documentation:

/* determine PDU length of protocol foo */
static guint
get_foo_message_len(packet_info *pinfo _U_, tvbuff_t *tvb, int offset, void *data
_U_)
{
 /* TODO: change this to your needs */
 return (guint)tvb_get_ntohl(tvb, offset+4); /* e.g. length is at offset 4 */
}

Here is the raw data imported into wireshark

000000 0a 01 00 00 00 00 00 10 03 0a 02 00 00 00 00 00 11 03

The raw data shows 2 messages. A message ends with 03.

first call to get_foo_message_len(...)

 the tvb buffer contains the following:
      tvb 0 = 10
      tvb 1 =   1
      tvb 2 =   0
      tvb 3 =   0
      tvb 4 =   0
      tvb 5 =   0
      tvb 6 =   0
      tvb 7 = 16
      tvb 8 =   3
      tvb 9 = 10

The 1st message ends a tvb 8. The next message begins with tvb 9. What should the get_foo_message_len return? tvb 9 = 10

Revision history [back]

get_foo_message_len - What should this function return?

get_foo_message_len - What should this function return?

get_foo_message_len - What should this function return?

get_foo_message_len - What should this function return?