Wireshark mailing list archives
Re: Question regarding the reassembled_key
From: "Mike Morrin" <Mike.Morrin () ipaccess com>
Date: Sun, 9 May 2010 08:27:27 +0100
________________________________ From: wireshark-dev-bounces () wireshark org [mailto:wireshark-dev-bounces () wireshark org] On Behalf Of Liu Chunfang-CCL083 Sent: 07 May 2010 21:28 To: wireshark-dev () wireshark org Subject: [Wireshark-dev] Question regarding the reassembled_key All, I have a special reassemble case. In my case, all the fragments need to be reassembled are in the same frame. Currently the reassembled_key in the reassemble.c file is defined as: typedef struct _reassembled_key { guint32 id; guint32 frame; } reassembled_key; So from the first to the last fragment can get the reassembled message and be decoded several times. See an example in following GUI. Anyone has any idea how can I fix this? Thanks, Chunfang [mm] You probably need to define a new key structure that allows the fragments to be uniquely keyed. You will need to write new xxx_key_copy(), xxx_equal(), xxx_hash() functions for your new key type. IMO, the key types and functions should all be outside of reassemble.c, so that that file does not need to be touched when a key type is added or changed (the reassemble.c file structure does not currently support this). Depending on the characteristics of the protocol you are reassembling, you may find other limitations in reassemble.c. This message contains confidential information and may be privileged. If you are not the intended recipient, please notify the sender and delete the message immediately. ip.access Ltd, registration number 3400157, Building 2020, Cambourne Business Park, Cambourne, Cambridge CB23 6DW, United Kingdom
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Question regarding the reassembled_key Liu Chunfang-CCL083 (May 08)
- Re: Question regarding the reassembled_key Mike Morrin (May 09)
- <Possible follow-ups>
- Re: Question regarding the reassembled_key Liu Chunfang-CCL083 (May 22)
- Re: Question regarding the reassembled_key Stephen Fisher (May 22)