Re: wslua tcp reconstruct behaves strange when multiple messages span multiple packets

[Guy Harris <guy () alum mit edu>]

On Nov 5, 2013, at 4:40 AM, Sjoerd van Doorn <sjoerd.van.doorn () group2000 eu> wrote:

> For example if I have a TCP connection with packets over it and the packets contain messages including a header.
> it would be very well possible that there are two TCP packets.

Yes, that's what tcp_dissect_pdus() handles for a lot of protocols.

>             One including the first message and the first part of the second message
>             The second with the second part of the second message and the third message

How are message boundaries indicated?

If there's a length field, tcp_dissect_pdus() can use that; unfortunately, that's not currently made available to Lua 
dissectors.  It probably should be.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe