Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Defragmenting non-tcp streams

From: paul () wsh sbrk co uk
Date: Thu, 7 Jan 2010 06:45:16 -0500
On Thu, Jan 07, 2010 at 03:26:32AM -0800, Guy Harris wrote:


On Jan 7, 2010, at 1:48 AM, paul () wsh sbrk co uk wrote:


TCP has a tcp_dissect_pdus() function that higher protocols can use
to  eliminate their dependency on the TCP framing. Is there anything
generic for other layers? I'm writing a USB dissector which is really
a serial protocol being transported over USB.


That's

      http://www.nordicsemi.com/files/Product/data_sheet/User_guide_ANT.pdf

right?


Correct. I've dissected most of the ANT commands and ANT+ device profiles
and am now doing the device to PC data transfers which are mainly over
burst transfers. That's for dissecting Garmin Forerunner 50, 310XT etc.


If so, and if you're reassembling the packets in a burst transfer, this
isn't a byte stream, so you can ignore the TCP dissector, and look instead
at the IP dissector for an example.  It's not *quite* the same as IP, as


Well, I am reassembling the packets in a burst transfer, but first of all
I have to reassemble the bytes in the USB transfer which is just a byte
stream.
i.e. the stream is a sequence of [A4,len,cmd,[len bytes],chksum] with occasional
trailing null(s) and there maybe be more than one ANT packet in a USB
packet. Potentially, the ANT packets could also span multiple USB packets. So
that's the problem I'm trying to solve at the moment.
 

      1) you have sequence numbers rather than byte offsets, so you'd
use fragment_add_seq_check() rather than fragment_add_check();


I am doing that for the burst transfers.
 

      2) the sequence number wraps around, so you'd have to keep
some state and provide a "synthesized" sequence number that doesn't
wrap around.


I'm doing that too.

My code so far is here: git://e2c3.com/nant.git in packet-ant.c

Cheers,

Paul
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: