Wireshark-dev: Re: [Wireshark-dev] Protocol correctness analysis

From: Ilya Shvetsov <chvetsov@xxxxxxxxx>
Date: Fri, 20 Apr 2012 10:31:33 +0300
Thank you very much for help
--
With best regards
Ilya 'Akhil' Shvetsov




On 20 April 2012 03:01, Martin Visser <martinvisser99@xxxxxxxxx> wrote:
I don't know about the code, but the RTP Stream analysis definitely does this. RTP has a sequence number (rtp.seq) field that needs to increase monotonically for a stream. You don't see the error in the normal packet details, but you do when running the specific Telephony tool, as shown in the screen shot below.

However I the TCP dissector obviously is able to analyse similar sequence numbers - and is able to display things like TCP retransmissions with in the TCP Sequence analysis section in the packet details.



Inline images 1

Regards, Martin

MartinVisser99@xxxxxxxxx



On 19 April 2012 21:48, Ilya Shvetsov <chvetsov@xxxxxxxxx> wrote:

This sounds a bit like RTP. This is also analysed, through the use of the tapping mechanism. Have a look at README.tapping (IIRC) and look at the already available taps. 

Thank you, i will dig into it

But anyway i would like to clarify, what i really need.
So there is set of parameters in our packets, some of them are changed from packet to packet, some of them are not.

I'm looking for way to check, that all paramters was changed correctly.  Like if i have packet number, i would like to know whether this number increases monotonically or not. if not i would like to point user attention on this moment.

i hope, this sheds more light on what really i want
--
With best regards
Ilya 'Akhil' Shvetsov 
Thanks,
Jaap

Send from my iPhone

On 19 apr. 2012, at 11:17, Ilya Shvetsov <chvetsov@xxxxxxxxx> wrote:

Hi, there!

I wroute my own dissector for our custom protocol. It works good. we are very satisfied with wireshark.

But now i have task to check our protocol for errors. we implemented reliable protocol over UDP, so we would like to check whether we have lost packet or not. whether all packet's sequences complete or not. and so on.

the question is what is the best way to implement this?
I think it will be good to start this task not during cap file opening, but by user request from menu? 
if this possible, can you point me documentation for this?

--
With best regards
Ilya 'Akhil' Shvetsov


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe