Wireshark mailing list archives

Sequence aware dissector of TCP payload

From: Max Dmitrichenko <dmitrmax () gmail com>
Date: Sat, 4 Jun 2016 00:44:31 +0300

Hi everybody!

Sometime ago I wrote a dissector of TCP-based protocol, and I faced with
the problem of TCP out-of-order frames. E.g.:
1) Duplicated packet
2) Out-of-order packet later followed by TCP retransmission
3) Simple reordering
and so on.

Most protocols seems to be tolerant to this. But if you protocol is
encrypted or compressed, such event poisons the state of decoder or
decompressor and most of times it is unrecoverable.

Does wireshark have anything to handle this? If not is there any demand for
such functionality from dissectors' authors?

-- 
With best regards
  Max Dmitrichenko

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

Sequence aware dissector of TCP payload Max Dmitrichenko (Jun 03)
- Re: Sequence aware dissector of TCP payload Peter Wu (Jun 14)