Wireshark-dev: [Wireshark-dev] Reassembling Packets need some help plz

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Marcel Haas <inf462@xxxxxxxxxxx>
Date: Tue, 20 Sep 2011 14:43:04 +0200
Hello,
im just writeing my first dissector and i have some problems with the reassembling My prtocoll contain some fields for Snode =ID ,Packetnumber and total packets 
i get them with
snode =tvb_get_guint8(tvb,offset);offset +=1;
pnum =tvb_get_guint8(tvb,offset);offset +=1;
totalp =tvb_get_guint8(tvb,offset);

Example for a packet split into 3 :

Snode=12
pnum=1
total=3

Sonde=12
pnum=2
total=3

Snode=12
pnum=3
total=3

the packet consists of an Trans Header, a App Header and Data.
IF its fragmented only the frist packet consists auf tran,app and data
the other fragments consists only of trans and data.
For the reassembled tvb only the data are importent. the lengh of the trans-header r given in a field loh. I think my fragment_add_seq_check function doesnt work right cause everytime i get a 0 returned 
thx.

Code:
      save_fragmented = pinfo->fragmented;
if (totalp > 1 && pnum<=totalp){ //check if it has to be reassembled 
            if(pnum==1){
offset2=loh+20; // First packet, Packet with Tran + App Header ,App Header =20 Byte 
            }
            else{
offset2=loh; // Not First Packet only trans header 
            }
if(totalp==pnum){ more_frag=FALSE;} //Total Packet == pnum =>Last Packet set more_frags =FALSE else {more_frag=TRUE;} // Not Last Packet =>set more_frags=TRUE 

            msg_seqid =snode;
            msg_num = pnum-1;
            pinfo->fragmented = TRUE;
            frag_msg = fragment_add_seq_check(tvb, offset2, pinfo,
                msg_seqid, // ID for fragments belonging together
                msg_fragment_table, // list of message fragments
                msg_reassembled_table, // list of reassembled messages
                msg_num, // fragment sequence number
tvb_length_remaining(tvb, offset2), //fragment length - to the end 
                more_frag); // More Frag

                printf("%d",(int)frag_msg);// PRINTF wieder raus
            new_tvb = process_reassembled_data(tvb, offset2, pinfo,
                "Reassembled Message", frag_msg, &msg_frag_items,
                NULL,nos_tree);

            if (frag_msg) { // Reassembled
                col_append_str(pinfo->cinfo, COL_INFO,
                        " (Message Reassembled)");
            } else { // Not last packet of reassembled Short Message
                col_append_fstr(pinfo->cinfo, COL_INFO,
                        " (Message fragment %u)", msg_num);
                col_append_fstr(pinfo->cinfo, COL_INFO,
                         " (Frag:  %u)", pinfo->fragmented);
                col_append_fstr(pinfo->cinfo, COL_INFO,
                          " (Visit:  %u)", pinfo->fd->flags.visited);
                col_append_fstr(pinfo->cinfo, COL_INFO,
                          " (Fragmsg:  %d)", (int)frag_msg);

            }

            if (new_tvb) { // take it all
                col_append_str(pinfo->cinfo, COL_INFO,
                        "(NEW TVB)");
                //offset=0;
//proto_tree_add_item(nos_tree, hf_nos_data, new_tvb, offset, -1, FALSE); 
                 next_tvb = new_tvb;
            } else { // make a new subset
                next_tvb = tvb_new_subset(tvb, offset2, -1, -1);
            }

        }

        else { // Not fragmented
            next_tvb = tvb_new_subset(tvb, offset2, -1, -1);
        }

        pinfo->fragmented = save_fragmented;