Wireshark mailing list archives

Re: Dissector development- Problem with Conversation


From: "Maynard, Chris" <Christopher.Maynard () GTECH COM>
Date: Tue, 8 Dec 2009 15:34:19 -0500

First, regarding your example:

A= Master, B= Slave     

A -------> B ( Master to slave) 
B <------- A ( Slave to Master) 



... in both cases you depict A -> B (Master to slave) communication.  I think you meant:

A= Master, B= Slave     

A -------> B ( Master to slave) 
A <------- B ( Slave to Master) 



Anyway, rather than using A, B, etc., I'd rather illustrate conversations with IP:PORT.  For example, for a "normal" 
conversation, you have this:

IP1:PORT1 -------> IP2:PORT2 (Master to Slave)

IP1:PORT1 <------- IP2:PORT2 (Slave to Master)

 

Given that, I'm not sure if the following will work for you or not, but Wireshark conversations allow you to do the 
following and still count this as a single conversation:

IP1:PORT1 -------> IP_ANY:PORT_ANY

IP1:PORT1 <------- IP_ANY:PORT_ANY

 

In your example below, C is the common component of the "conversation" and is therefore represented above as the 
IP1:PORT1 pair.  In other words, if any host sends a message to C, that must be the 1st half of the conversation (i.e., 
the request), and if C sends a message to any other host, that must be the 2nd half of the conversation (i.e., the 
reply).

 

You will need to look into the options argument to conversation_new(), in particular NO_ADDR2 and NO_PORT2.  
Either/Both may help you here.  Refer to doc/README.developer section 2.2.2 for more details.

 

- Chris

P.S. It should be noted that I do not have much practical experience with conversations myself, so the above advice 
should be taken with a grain of salt.

 

 

From: wireshark-dev-bounces () wireshark org [mailto:wireshark-dev-bounces () wireshark org] On Behalf Of Sumit Kalsait
Sent: Tuesday, December 08, 2009 4:04 AM
To: wireshark-dev () wireshark org
Subject: [Wireshark-dev] Dissector development- Problem with Conversation

 


Hello Everybody 

In the last few days I have been developing a Wireshark dissector for our protocol. For that reason, in my dissector I used the 
conversation methods as described in README.developer. Normally it registers a conversation like below. 

A= Master, B= Slave     

A -------> B ( Master to slave) 
B <------- A ( Slave to Master) 


as 1 conversation, as per the Wireshark standard, and I can associate the next or consecutive packets (with A and B addresses) with 
this conversation. 

In my case we have a listener module for our protocol, so it sees the above conversation and gives the packets to my engineering PC 
so that I can capture them in Wireshark. 
C= Listener 
D ------> C   (same like. Master to slave) 
E <------ C   (same like. Slave to Master) 

The same conversation as described above (1st conversation). The listener picks up the same packets and only changes the address. 
(for example D----> C is nothing but A---->B [Master to slave] and E <----- C is B <------- A  [Slave to Master]) 

And right now I want my dissector to respond in the same way as above, so I can associate the next or consecutive packets 
to this conversation 
(I don't want to have D-------> C and E <-------C as 2 different conversations). 

But how can I register the listener module conversation? When I use my normal A to B and B to A, it registers as 1 
conversation, but in the case of the listener I see my conversation registration is quite different. How could this problem 
be handled? 

Thanks in advance 


Many Thanks and Best Regards 
Sumit 

------------------------------------------------------------------------ 
Sumit Kalsait 
PHOENIX CONTACT ELECTRONICS GmbH 
Business Unit Automation Systems 
Research & Development Department 
Dringenauer Straße 30 
D-31812 Bad Pyrmont, Germany 
Web:  http://www.automation.phoenixcontact.com 
------------------------------------------------------------------------ <http://www.automation.phoenixcontact.com/> 
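Added example, not part of either message and not Wireshark's own code: a simplified, self-contained C model of the lookup discussed in this thread, showing why D -> C and C -> E land in two conversations with exact matching but in one when the second address and port are wildcarded. All ex_* names, flag values and sample addresses are constructed for this model; the real conversation_new() arguments are described in doc/README.developer.

```c
#include <stdint.h>
#include <stdio.h>

/* Model flags named after the NO_ADDR2 / NO_PORT2 options in the reply;
 * the values and every ex_* identifier are this example's own. */
#define EX_NO_ADDR2 0x01u
#define EX_NO_PORT2 0x02u
#define EX_MAX_CONV 16
typedef struct { uint32_t addr; uint16_t port; } ex_endpoint;
typedef struct { ex_endpoint src, dst; } ex_packet;
typedef struct { ex_endpoint e1, e2; unsigned options; } ex_conv;
typedef struct { ex_conv conv[EX_MAX_CONV]; int count; } ex_table;

static int ex_same(ex_endpoint a, ex_endpoint b)
{ return a.addr == b.addr && a.port == b.port; }

/* Match with `a` in the endpoint-1 role; wildcarded fields of endpoint 2
 * are not compared at all. */
static int ex_half_match(const ex_conv *c, ex_endpoint a, ex_endpoint b)
{
    if (!ex_same(c->e1, a)) return 0;
    if (!(c->options & EX_NO_ADDR2) && c->e2.addr != b.addr) return 0;
    if (!(c->options & EX_NO_PORT2) && c->e2.port != b.port) return 0;
    return 1;
}
/* Direction-independent lookup; returns the conversation index or -1. */
int ex_find(const ex_table *t, const ex_packet *p)
{
    for (int i = 0; i < t->count; i++)
        if (ex_half_match(&t->conv[i], p->src, p->dst) ||
            ex_half_match(&t->conv[i], p->dst, p->src)) return i;
    return -1;
}
/* Find the packet's conversation, creating one if needed. With wildcard
 * options the new conversation is keyed on `anchor` (the listener C);
 * packets that do not involve the anchor fall back to an exact entry. */
int ex_assign(ex_table *t, const ex_packet *p, ex_endpoint anchor, unsigned options)
{
    int idx = ex_find(t, p);
    if (idx >= 0 || t->count == EX_MAX_CONV) return idx;
    ex_conv *c = &t->conv[t->count];
    int wild = options && (ex_same(p->src, anchor) || ex_same(p->dst, anchor));
    c->e1 = wild ? anchor : p->src;
    c->e2 = (wild && ex_same(p->src, anchor)) || !wild ? p->dst : p->src;
    c->options = wild ? options : 0;
    return t->count++;
}
int main(void)
{   /* Constructed sample endpoints: C = listener, D and E = peers. */
    ex_endpoint C = {0x0A000003, 5000}, D = {0x0A000004, 40001}, E = {0x0A000005, 40002};
    ex_packet d_to_c = {D, C}, c_to_e = {C, E};
    ex_table t = {0};
    unsigned opts = EX_NO_ADDR2 | EX_NO_PORT2;
    printf("D->C conv %d, C->E conv %d\n", ex_assign(&t, &d_to_c, C, opts), ex_assign(&t, &c_to_e, C, opts));
    return 0;
}
```

Because endpoint 2 is never compared, traffic between C and any other host also falls into the same conversation, so this only fits when every packet touching C:port belongs to one logical exchange.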


