Re: Buffering packets for dissection

[Jaap Keuter <jaap.keuter () xs4all nl>]

Hi,

What's your transport protocol?

Thanks,
Jaap

On Mon, 26 Jul 2010 16:29:42 +0300 (EEST), andreas.akesson () kolumbus fi
wrote:
> Hello,
>
> I'm currently writing a dissector which requires packet buffering to
> work. The dissector more or less has to brute-force the packet stream
> to find the actual data, but it needs at least a dozen packets of data
> before it can do anything. So, it doesn't know when the data begins,
> and how much data it needs (there is a maximum possible length
> though).
>
> Is there any built-in support for this? I was able to store the tvb
> buffers into a circular buffer, but I'm not quite sure what to do with
> the packet_info structure (I may be wrong, but it didn't seem to be on
> the heap, so I couldn't just store the pointer to it).
>
> Any help is appreciated!
>
> Sincerely,
> Andreas

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe