Wireshark-dev: Re: [Wireshark-dev] Reassembly of messages

From: Stephen Fisher <steve@xxxxxxxxxxxxxxxxxx>
Date: Fri, 26 Nov 2010 09:51:47 -0700

On Thu, Nov 25, 2010 at 09:13:20AM +0100, news.gmane.com wrote:

> I want to reassemble messages in a TCP stream. I use the function 
> tcp_dissect_pdus for this purpose. This works fine to populate the 
> packet details tree. But what is the best way to collect all message
> summaries and write them to the packet list INFO column?

I'm not sure if I understand your question correctly.  TCP reassembly 
will gather the entire stream and present it to your dissection code all 
at once.
 
> I have seen that my dissect function has been called multiple times
> for a specific packet. What is the best point in time to evaluate
>   check_col(pinfo->cinfo, COL_INFO)
> and put the summary in the packet list info column?

Typically you don't worry about that and just do it every time.  If 
necessary, you can check the pinfo->fd->flags.visited variable, which is 
changed from FALSE to TRUE after the first time a packet is dissected.
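
A stand-alone C model of the situation discussed in this thread, added here as an example; it is not code from the thread or from Wireshark. tcp_dissect_pdus calls the per-PDU dissect callback once for each complete message, so a segment carrying several messages produces several calls for one packet, and each call has to append to the info text rather than overwrite it. The framing (2-byte length, 1-byte type) and all names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Stand-alone model, not Wireshark code. Hypothetical framing: 2-byte
 * big-endian total PDU length (header included), then a 1-byte type. */
#define HDR_LEN 3
#define BUF_MAX 4096

struct stream { uint8_t buf[BUF_MAX]; size_t used; };

/* Stand-in for the per-PDU dissect callback: append a summary to the
 * packet's info text instead of overwriting what earlier PDUs wrote. */
static void summarize_pdu(const uint8_t *pdu, size_t len, char *info, size_t cap)
{
    size_t n = strlen(info);
    snprintf(info + n, cap - n, "%smsg type=%u len=%zu",
             n ? ", " : "", (unsigned)pdu[2], len);
}

/* Feed one TCP segment; returns the number of PDUs completed by it, or -1
 * on a malformed length or when the buffer bound would be exceeded. */
int feed_segment(struct stream *s, const uint8_t *seg, size_t len,
                 char *info, size_t cap)
{
    int count = 0;
    size_t off = 0;

    info[0] = '\0';                      /* one info line per packet */
    if (len > BUF_MAX - s->used)
        return -1;
    memcpy(s->buf + s->used, seg, len);
    s->used += len;

    while (s->used - off >= HDR_LEN) {
        size_t pdu_len = ((size_t)s->buf[off] << 8) | s->buf[off + 1];
        if (pdu_len < HDR_LEN || pdu_len > BUF_MAX)  /* reject bad lengths */
            return -1;
        if (s->used - off < pdu_len)     /* PDU continues in a later segment */
            break;
        summarize_pdu(s->buf + off, pdu_len, info, cap);
        off += pdu_len;
        count++;
    }
    memmove(s->buf, s->buf + off, s->used - off);   /* keep the partial tail */
    s->used -= off;
    return count;
}
```

The length field comes from the wire, so the model bounds it before using it; a length callback in a real dissector deserves the same care.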