[Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>]

siri m wrote:
> Hi,
>
> We have a legacy custom plugin (written on top of UDP), which handles 
> multicast packets which may be fragmented, which works fine for normal 
> scenarios. However, the plugin fails to decode for the cases where there 
> can be duplicate fragments (for eg. one coming from the actual host and 
> another one from a firewall). The fragments are exactly the same 
> excepting that the ethernet source address is different.
>
> Can someone give me pointers as to how we could handle this special case 
> when re-assembling the fragments? Is there a way to ignore packets 
> coming from the firewall? Are there any sample plugins that have handled 
> this case, which I can refer to?

Do the fragments have sequence numbers?  If so your reassembly code 
could check them and drop the duplicates.  I think/imagine that's how 
most dissectors handle reassembly.