Wireshark-dev: Re: [Wireshark-dev] GIOP dissector reply decode
Thanks for the 2.0 info. That will be a background task. Back to the immediate problem of decoding GIOP replies. Looking at 1.12 & 2.0 code the problem looks to be the same. It is the bit of code that works out a
MFN (matching frame number?) from a FN and request ID. This is done by get_mfn_from_fn_and_reqid. A comment in this function says…. /* Loop back from current end of complete_request_list looking for */ /* a FN with the same reqid -- TODO enhance with port/address checks -- FS */ The TODO is the bit I’m missing. So far as I can see nothing in this function has access to the IP addresses and port numbers of the frames being checked. Presumably this would require comp_req_list_entry extending to include src & dest (or maybe just dest) addresses and port numbers and the get_mfn function extending
to take the address and port number of the request being searched for. I assume this information is the src/dst/srcport/dstport entries in the packet_info structure. Any thoughts? Does this look like the way forward. Thanks for any help Regards Andy Ling From: wireshark-dev-bounces@xxxxxxxxxxxxx
[mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Graham Bloice The Windows build for 2.0 has moved to CMake. I'm in the process of submitting a change for the Developers Guide docs, but for now README.cmake in the top level source tree should have enough to get you going, Nmake is still kind of supported, but nor for long. The Win32.mak issue is detailed in the Developers Guide setup: https://www.wireshark.org/docs/wsdg_html_chunked/ChSetupWin32.html#ChSetupMSVC On 2 November 2015 at 12:10, Andy Ling <Andy.Ling@xxxxxxxxx> wrote:
> Couple of thoughts from a quick skim of the code/git history: -- Graham Bloice This email has been scanned for email related threats and delivered safely by Mimecast. For more information please visit http://www.mimecast.com |
- References:
- Re: [Wireshark-dev] GIOP dissector reply decode
- From: Andy Ling
- Re: [Wireshark-dev] GIOP dissector reply decode
- From: Graham Bloice
- Re: [Wireshark-dev] GIOP dissector reply decode
- Prev by Date: Re: [Wireshark-dev] GIOP dissector reply decode
- Next by Date: Re: [Wireshark-dev] GTP session plugin
- Previous by thread: Re: [Wireshark-dev] GIOP dissector reply decode
- Next by thread: Re: [Wireshark-dev] GIOP dissector reply decode
- Index(es):