Hello, I'm making some addings and modifications to the protocol
hierarchy statistics. Now I'm dealing with extracting the duration of
a TCP communication. In order to obtain that, I need that when a TCP
paquet it's parsed I could take a look at the flags ACK and FIN.
I have been reading the mails about the topic:
referencing specific tcp protocol data
but what I don't understand is How can I access the information stored
??? I know that there is a structure called tcphdr that maintains all
that information and I know that once a frame is parsed that information
is saved but I don't know how I can access. I have the pointers to
field_info, header_field_info ... and I do the same
loop that does proto_hier_stats.c. I think that should be easy to
access that way to the structure and I think it should be a casting
missing or something like that but I can't find it.
Thanks