On Jul 11, 2010, at 3:26 PM, David Aggeler wrote:
> I was asking on how to properly do reassembly before I started, but did
> not get much more that references to tcp_dissect_pdus().
tcp_dissect_pdus() is useful *ONLY* for protocols that:
run immediately atop TCP;
have, for each PDU, a section at the beginning, guaranteed to be at least N bytes long for some value of N, and from which the length of the PDU can be determined;
and is only useful for reassembling pieces of TCP segments into a PDU for those protocols.
There are a *lot* of protocols like that, so it's very useful...
...but it's not the only mechanism for doing reassembly, and it shouldn't be suggested to people trying to do other forms of reassembly - for example, protocols running over something other than TCP, or having their own level of fragmentation over and above fragmentation into pieces of TCP segments.