Michael Mann
changed
bug 8275
| What |
Removed |
Added |
| Attachment #12004 is obsolete |
|
1
|
| Attachment #12004 Flags |
review_for_checkin?
|
|
Comment # 26
on bug 8275
from Michael Mann
Created attachment 12159 [details]
Cleaned up patch
I cleaned up the dissector with a few things:
1. Reordered functions so there didn't need to be a declaration at the top of
the file
2. Removed all functions used strictly for testing.
3. Removed unnecessary includes
4. Converted dissector to "new style" so it give other dissectors a shot if its
determined the packet isn't an ACL message
5. Added ACL by handle to "tcp.port" so you can still use Decode As without a
port range.
Played around with the dissector a bit and the reassembly still doesn't seem to
work. For example, packet 10 in provided capture includes "most" of a message
(missing ending parathessis?) yet it is never "reassembled". Packet 12 appears
to be a complete message, but is perhaps thrown off by packet 10?
Overall I think fields should be populated when found and not wait for a
"complete" list of parameters. It makes finding truly malformed packets much
easier.
You are receiving this mail because:
- You are watching all bug changes.