Wireshark mailing list archives

Re: Question regarding the reassembled_key

From: "Mike Morrin" <Mike.Morrin () ipaccess com>
Date: Sun, 9 May 2010 08:27:27 +0100

 

 

________________________________

From: wireshark-dev-bounces () wireshark org
[mailto:wireshark-dev-bounces () wireshark org] On Behalf Of Liu
Chunfang-CCL083
Sent: 07 May 2010 21:28
To: wireshark-dev () wireshark org
Subject: [Wireshark-dev] Question regarding the reassembled_key

 

All,

 

I have a special reassemble case. In my case, all the fragments need to
be reassembled are in the same frame. Currently the reassembled_key in
the reassemble.c file is defined as:

 

typedef struct _reassembled_key {
 guint32 id;
 guint32 frame;
} reassembled_key;

So from the first to the last fragment can get the reassembled message
and be decoded several times. See an example in following GUI. Anyone
has any idea how can I fix this?

 

 

 

Thanks,

Chunfang

 

[mm] You probably need to define a new key structure that allows the
fragments to be uniquely keyed.

You will need to write new xxx_key_copy(), xxx_equal(), xxx_hash()
functions for your new key type.  IMO, the key types and functions
should all be outside of reassemble.c, so that that file does not need
to be touched when a key type is added or changed (the reassemble.c file
structure does not currently support this). 

Depending on the characteristics of the protocol you are reassembling,
you may find other limitations in reassemble.c.

 






This message contains confidential information and may be privileged. If you are not the intended recipient, please 
notify the sender and delete the message immediately.

ip.access Ltd, registration number 3400157, Building 2020, 
Cambourne Business Park, Cambourne, Cambridge CB23 6DW, United Kingdom

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

Question regarding the reassembled_key Liu Chunfang-CCL083 (May 08)
- Re: Question regarding the reassembled_key Mike Morrin (May 09)
- <Possible follow-ups>
- Re: Question regarding the reassembled_key Liu Chunfang-CCL083 (May 22)
  - Re: Question regarding the reassembled_key Stephen Fisher (May 22)