Re: How to modify existing RTP conversation?

[Jirka Novak <j.novak () netsystem cz>]

Hi,

  did I made wrong code analysis and root cause is somewhere else?

> > I would like to know where this is done:
> >
> >  I analysed the code and found that for #1 is created "full"
> > conversation (full = SRC_IP:SRC_PORT <-> DST_IP:DST_PORT) with UDP as
> > protocol.
> >
> > because that sounds questionable. 
>
> packet_udp.c: dissect() calls find_or_create_conversation(pinfo) for
> every packet. When packet is new (#1 in my example), it creates new full
> conversation just for UDP layer.
> Conversation is created as full/bidirectional, I checked it with enabled
> DEBUG_CONVERSATION.

                                                Sincerely yours,

                                                        Jirka Novak


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe