Hi
Whats wrong in my below code? Reassembly of packets not happening.i can able to build but its not processing any?
iamn creating tvb mine_tvb whih is re assembled data and pass to a function.
please help.
static reassembly_table mine_reassembly_table;
static int hf_mine_fragments = -1;
static int hf_mine_fragment = -1;
static int hf_mine_fragment_overlap = -1;
static int hf_mine_fragment_overlap_conflicts = -1;
static int hf_mine_fragment_multiple_tails = -1;
static int hf_mine_fragment_too_long_fragment = -1;
static int hf_mine_fragment_error = -1;
static int hf_mine_fragment_count = -1;
static int hf_mine_reassembled_in = -1;
static int hf_mine_reassembled_length = -1;
static gint ett_mine_fragment = -1;
static gint ett_mine_fragments = -1;
static const fragment_items mine_frag_items = {
/* Fragment subtrees */
&ett_mine_fragment,
&ett_mine_fragments,
/* Fragment fields */
&hf_mine_fragments,
&hf_mine_fragment,
&hf_mine_fragment_overlap,
&hf_mine_fragment_overlap_conflicts,
&hf_mine_fragment_multiple_tails,
&hf_mine_fragment_too_long_fragment,
&hf_mine_fragment_error,
&hf_mine_fragment_count,
/* Reassembled in field */
&hf_mine_reassembled_in,
/* Reassembled length field */
&hf_mine_reassembled_length,
/* Reassembled data field */
NULL,
/* Tag */
"mine fragments"
};
static void mine_init_protocol(void)
{
/* fragment_table_init(&mine_fragment_table); */
/* reassembled_table_init(&mine_reassembled_table); */
reassembly_table_init(&mine_reassembly_table, &addresses_reassembly_table_functions);
}
save_fragmented = pinfo->fragmented;
pinfo->fragmented = TRUE;
mine_frag_msg = fragment_add_seq_next(&mine_reassembly_table,next_tvb, offset_payload, pinfo, mine_seqid, NULL,
reassebled_data_total_length, more_frags);
mine_tvb = process_reassembled_data( next_tvb, offset_payload, pinfo, "Reassembled PDU", mine_frag_msg,
&mine_frag_items, NULL, FT_BCnPDU_tree );
reassebled_data_total_length =0;
proto_tree_add_text(FT_BCnPDU_tree, mine_tvb, offset_payload, 1, " reassebled data ");
ALSIGPDU(mine_tvb, pinfo, tree);</code></pre><p>please help.</p><p>Thanks</p><p>Raj</p></div><div id="question-tags" class="tags-container tags"><span class="post-tag tag-link-reassembly" rel="tag" title="see questions tagged 'reassembly'">reassembly</span></div><div id="question-controls" class="post-controls"></div><div class="post-update-info-container"><div class="post-update-info post-update-info-user"><p>asked <strong>19 Nov '14, 19:40</strong></p><img src="https://secure.gravatar.com/avatar/1339589a92af9455063c09e56bfc6299?s=32&d=identicon&r=g" class="gravatar" width="32" height="32" alt="umar's gravatar image" /><p><span>umar</span><br />
26●22●24●27
accept rate: 0%
Is your code compiling ? Show us your fragmentation function please cause I don’t think the code above build successfully
hi afrim
My code is compiling without any error , but when end of message packet comes, it get crash.
only the above steps i have followed. what is the fragmentation function mean? what are the other steps there to complete the reassembly. Please help.
i have refered this and followed the steps. http://www.linuxtopia.org/online_books/network_security/wireshark_development_guide/wireshark_ChDissectReassemble.html
If I copy/past your code above it definitely not work. I need to see your fragmentation function (there is no function in the code above).
Your function should return a new buffer with all data reassembled in “mine_tvb” if the reassembly is successfull. Otherwise you should call data dissector because the reassembly is unsuccessful (because it’s not the last fragment or maybe wrong parameter is your fragment_add_seq_next() function)
note : I have 3 type of frames in different packets. 1. Beginning of message 2. continuation of message 3. End of message.
I will have the information about total length of the PDU message in the Beginning of Messsage packet. and my messeges are coming in order ie. beginning message , continuation of the message (in other packet ) and end of message (here i should combine all data and reassemble).
Its look like some process iam missing out. please help!
more_frags=0;
Hi
Any one can help me on this?
Well it’s not the way you reassamble data. Did you take a look at an exemple of reassemble in epan directory ? Take a look at an exemple in epan/dissectors.
You don’t need “case”, the “mine_init_protocol()” function should not be called there. Try to look at a dissector in epan directory and keep the same code architecture for your dissector.
Hi Afrim
you mean this? in reassemble.c ?
{ tvbuff_t next_tvb; gboolean update_col_info; proto_item frag_tree_item;
}
Disclaimer: I have not checked your code… Take a look at packet-sccp.c I think it has a pretty straight forward implementation of reassembly.
Hi Anders i have followed thew same steps and i have a condition like
Iam getting always Message Fragmented in col info. looks like Some thing wrong and a majot step i have missed. mte_frag_msg itself not succesful. is ther any steps for diplaying in seperate tab as Reassembled data ?? Please Help!
Are you stepping the sequence number for each packet and setting more_fragments to false for the last packet?
HI
My Sequence number set to 0 Zero. Because my packets messages always comes in order. More frags i have set to TRUE and in the last packet i made it FALSE.
As you have first middle and last packet try setting the sequence number to 1 2 3 respectivly.
one more doubt! my pdu length bit is 12 bit and when i stor in 32 bit gint. How one byte by byte the data stord in table? How does it copy the data into the table?
Hi anyone help me on this please.
Hi
Anders , ANyone Help Me please!
I Have tried setting up seq number 1,2,3 and tried . still same.
so tvb itself not created. please suggest.