Revision history [back]

tcp_dissect_pdus - not working correctly

Wireshark which runs my FOO plugin. Next I import a file from hex dump. The file contains the following:

0000 0a 03 ... 00 70 03 If you skip 0000, the file contains 125 bytes. TCP will split the message into 12 packets of 10 plus 1 packet of 5 bytes.

HEADER TEXT ETX CHAR 8 124 03

define FOO_HDR_SIZE 8

static guint get_foo_pdu_length(packet *pinfo, tvbuff_t *tvb, int offset void *data) { return FOO_HDR_SIZE + 1; }

static int dissect_foo(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data) { tcp_dissect_pdu(tvb, pinfo, tree, TRUE, FOO_HDR_SIZE, get_foo_pdu_len, dissect_foo_message, data);

 return tvb_reported_length(tvb);

}

dissect_foo call get_foo_pdu_len (2x) and then call dissect_foo_message(...). It does not have the complete reassembled message. Why is it calling dissect_foo_message?

tcp_dissect_pdus - not working correctly

Wireshark which runs my FOO plugin. Next I import a file from hex dump. The file contains the following:

0000 0a 03 ... 00 70 03 If you skip 0000, the file contains 125 bytes. TCP will split the message into 12 packets of 10 plus 1 packet of 5 bytes.

HEADER TEXT ETX CHAR 8 124 03

define
#define FOO_HDR_SIZE 8
8 static guint get_foo_pdu_length(packet *pinfo, tvbuff_t *tvb, int offset void *data) { return FOO_HDR_SIZE + 1; } } static int dissect_foo(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data) { tcp_dissect_pdu(tvb, pinfo, tree, TRUE, FOO_HDR_SIZE, get_foo_pdu_len, dissect_foo_message, data); data); return tvb_reported_length(tvb); } } dissect_foo call get_foo_pdu_len (2x) and then call dissect_foo_message(...). It does not have the complete reassembled message. Why is it calling dissect_foo_message?

Revision history [back]

tcp_dissect_pdus - not working correctly

define FOO_HDR_SIZE 8

tcp_dissect_pdus - not working correctly

define #define FOO_HDR_SIZE 8

define
`#define FOO_HDR_SIZE 8`