Wireshark mailing list archives

Re: Conversation tracking


From: Tobias Weiss <tweiss () ra rockwell com>
Date: Thu, 10 May 2012 17:54:44 -0400

Thanks, this is working just fine.

But in that case I suggest an update to README.developer as I copied the 
buggy source-code from there.

Tobi





Stephen Fisher <steve () stephen-fisher com>
Sent by: wireshark-dev-bounces () wireshark org
05/10/2012 01:07 PM
Please respond to: Developer support list for Wireshark <wireshark-dev () wireshark org>
To: Developer support list for Wireshark <wireshark-dev () wireshark org>
cc:
Subject: Re: [Wireshark-dev] Conversation tracking

---- On Thu, 10 May 2012 10:26:46 -0600 Tobias Weiss  wrote ---- 

I'm using conversation tracking and ran into an issue. My code looks like 
this (as suggested in the README.developer): 

conv = find_conversation(pinfo->fd->num, 
   &pinfo->src, 
   &pinfo->dst, 
   pinfo->ptype, 
   pinfo->srcport, 
   pinfo->destport, 
   0); 

if(conv != NULL) { get conversation data } 
else { create conversation data with se_alloc() and add it to the 
conversation } 

When the dissector's main function is called for the first time, 
find_conversation() returns a non-null pointer! As far as I understood it 
should return 0 as conversation_new() was never called for this 
address/port combination yet. What am I missing here? 

Using a dissector I wrote, packet-exec.c, as an example, I first called 
find_or_create_conversation(), then conversation_get_proto_data(), and then 
checked the return of that second function to see if I need to create the 
data:

        conversation = find_or_create_conversation(pinfo);

        /* Retrieve information from conversation
         * or add it if it isn't there yet
         */
        hash_info = conversation_get_proto_data(conversation, proto_exec);
        if(!hash_info){
                hash_info = se_alloc(sizeof(exec_hash_entry_t));

                /* <<< set the variables here >>> */

                conversation_add_proto_data(conversation, proto_exec, hash_info);
        }

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
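
Added example (not part of the original thread and not Wireshark source code): a stand-alone C model of the two patterns discussed above. It assumes the conversation already exists because another dissector registered the same port pair first; all type and function names are hypothetical, and the ports are constructed sample values.

```c
/* Stand-alone model, NOT Wireshark source; every name here is hypothetical. */
#include <stdio.h>
#include <stdlib.h>
enum { PROTO_TRANSPORT, PROTO_APP, PROTO_MAX };   /* one data slot per protocol */
typedef struct { unsigned sport, dport; void *data[PROTO_MAX]; } conv_t;
typedef struct { unsigned first_frame; } app_state_t;
static conv_t table[16];                          /* static storage: slots start NULL */
static size_t n_conv;
static conv_t *model_find(unsigned sport, unsigned dport) {
    for (size_t i = 0; i < n_conv; i++)
        if (table[i].sport == sport && table[i].dport == dport)
            return &table[i];
    return NULL;
}
static conv_t *model_find_or_create(unsigned sport, unsigned dport) {
    conv_t *c = model_find(sport, dport);
    if (c == NULL && n_conv < sizeof table / sizeof table[0]) {
        c = &table[n_conv++];
        c->sport = sport; c->dport = dport;
    }
    return c;
}
/* A lower layer registers the flow before the application dissector runs. */
static void transport_sees_packet(unsigned sport, unsigned dport) {
    conv_t *c = model_find_or_create(sport, dport);
    if (c != NULL) c->data[PROTO_TRANSPORT] = c;  /* any non-NULL marker */
}
/* Pattern from the reply: test this protocol's own slot, fill it on first use. */
static app_state_t *state_via_proto_data(unsigned sport, unsigned dport, unsigned frame) {
    conv_t *c = model_find_or_create(sport, dport);
    if (c == NULL) return NULL;                   /* table full */
    app_state_t *st = c->data[PROTO_APP];
    if (st == NULL && (st = calloc(1, sizeof *st)) != NULL) {
        st->first_frame = frame;
        c->data[PROTO_APP] = st;
    }
    return st;
}
/* Pattern from the question: an existing conversation is assumed to hold our data. */
static app_state_t *state_via_conversation(unsigned sport, unsigned dport, unsigned frame) {
    conv_t *c = model_find(sport, dport);
    if (c != NULL) return c->data[PROTO_APP];     /* NULL if another layer made c */
    return state_via_proto_data(sport, dport, frame);   /* the "create" branch */
}
int main(void) {
    transport_sees_packet(40000, 512);            /* constructed sample flow */
    printf("via conversation: %p\n", (void *)state_via_conversation(40000, 512, 1));
    printf("via proto data:   %p\n", (void *)state_via_proto_data(40000, 512, 1));
    return 0;
}
```

In the model, the first pattern hands back a NULL state pointer on the very first packet, which a dissector would then dereference; the second pattern never does.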
