Wireshark mailing list archives

Re: How to do a multi-packet dissector

From: Balint Reczey <balint.reczey () ericsson com>
Date: Wed, 25 Nov 2009 11:17:09 +0100

Hi,

 From http://wiki.wireshark.org/Lua/Dissectors :

"Like dissectors written in C, Lua dissectors can use Wireshark's 
ability to reassemble TCP streams:

     * To not use TCP reassembly, make your Lua dissector function 
return nothing (nil) or 0 (in case dissector can't dissect packet).
     * To request reassembly via the pinfo struct as described in 
README.developers, set pinfo.desegment_len and pinfo.desegment_offset 
(works from Wireshark 1.1.2)."

Cheers,
Balint

Morita, Bill wrote:

I am writing a Lua dissector for a streaming protocol that may spread a 
“record” over several TCP packets.

What is a reasonable approach to take with this type of situation??

 

Thanks in advance.

 

---------------

Bill Morita

Cube 1040

503-495-9513

Bill.Morita () arrisi com


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

How to do a multi-packet dissector Morita, Bill (Nov 24)
- Re: How to do a multi-packet dissector Balint Reczey (Nov 25)