Wireshark-dev: Re: [Wireshark-dev] Reassembling Packets need some help plz
From: Marcel Haas <inf462@xxxxxxxxxxx>
Date: Thu, 22 Sep 2011 09:21:49 +0200
Nobody an idea ?On Tue, 20 Sep 2011 14:43:04 +0200, Marcel Haas <inf462@xxxxxxxxxxx> wrote:
Hello, im just writeing my first dissector and i have some problems with the reassemblingMy prtocoll contain some fields for Snode =ID ,Packetnumber and total packetsi get them with snode =tvb_get_guint8(tvb,offset);offset +=1; pnum =tvb_get_guint8(tvb,offset);offset +=1; totalp =tvb_get_guint8(tvb,offset); Example for a packet split into 3 : Snode=12 pnum=1 total=3 Sonde=12 pnum=2 total=3 Snode=12 pnum=3 total=3 the packet consists of an Trans Header, a App Header and Data.IF its fragmented only the frist packet consists auf tran,app and datathe other fragments consists only of trans and data. For the reassembled tvb only the data are importent. the lengh of the trans-header r given in a field loh. I think my fragment_add_seq_check function doesnt work right cause everytime i get a 0 returned thx. Code: save_fragmented = pinfo->fragmented; if (totalp > 1 && pnum<=totalp){ //check if it has to be reassembled if(pnum==1){ offset2=loh+20; // First packet, Packet with Tran + App Header ,App Header =20 Byte } else{ offset2=loh; // Not First Packet only trans header } if(totalp==pnum){ more_frag=FALSE;} //Total Packet == pnum =>Last Packet set more_frags =FALSE else {more_frag=TRUE;} // Not Last Packet =>set more_frags=TRUE msg_seqid =snode; msg_num = pnum-1; pinfo->fragmented = TRUE; frag_msg = fragment_add_seq_check(tvb, offset2, pinfo, msg_seqid, // ID for fragments belonging together msg_fragment_table, // list of message fragmentsmsg_reassembled_table, // list of reassembled messagesmsg_num, // fragment sequence number tvb_length_remaining(tvb, offset2), //fragment length - to the end more_frag); // More Frag printf("%d",(int)frag_msg);// PRINTF wieder raus new_tvb = process_reassembled_data(tvb, offset2, pinfo, "Reassembled Message", frag_msg, &msg_frag_items, NULL,nos_tree); if (frag_msg) { // Reassembled col_append_str(pinfo->cinfo, COL_INFO, " (Message Reassembled)"); } else { // Not last packet of reassembled Short Message col_append_fstr(pinfo->cinfo, COL_INFO, " (Message fragment %u)", msg_num); col_append_fstr(pinfo->cinfo, COL_INFO, " (Frag: %u)", pinfo->fragmented); col_append_fstr(pinfo->cinfo, COL_INFO, " (Visit: %u)", pinfo->fd->flags.visited); col_append_fstr(pinfo->cinfo, COL_INFO, " (Fragmsg: %d)", (int)frag_msg); } if (new_tvb) { // take it all col_append_str(pinfo->cinfo, COL_INFO, "(NEW TVB)"); //offset=0; //proto_tree_add_item(nos_tree, hf_nos_data, new_tvb, offset, -1, FALSE); next_tvb = new_tvb; } else { // make a new subset next_tvb = tvb_new_subset(tvb, offset2, -1, -1); } } else { // Not fragmented next_tvb = tvb_new_subset(tvb, offset2, -1, -1); } pinfo->fragmented = save_fragmented; ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-devmailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
- Follow-Ups:
- Re: [Wireshark-dev] Reassembling Packets need some help plz
- From: Chris Maynard
- Re: [Wireshark-dev] Reassembling Packets need some help plz
- References:
- [Wireshark-dev] Reassembling Packets need some help plz
- From: Marcel Haas
- [Wireshark-dev] Reassembling Packets need some help plz
- Prev by Date: Re: [Wireshark-dev] Problem in building Plugin
- Next by Date: Re: [Wireshark-dev] Problem in building Plugin
- Previous by thread: [Wireshark-dev] Reassembling Packets need some help plz
- Next by thread: Re: [Wireshark-dev] Reassembling Packets need some help plz
- Index(es):