https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5971
Summary: Support for TCP dissector to handle Out-Of-Order
packets when the first fragment of up-level PDU is
retransmitted
Product: Wireshark
Version: 1.7.x (Experimental)
Platform: Other
OS/Version: Windows 7
Status: NEW
Severity: Major
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: dmitrmax@xxxxxxxxx
Max Dmitrichenko <dmitrmax@xxxxxxxxx> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #6424| |review_for_checkin?
Flag| |
Created an attachment (id=6424)
--> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=6424)
Patch
Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--
There were several discussions regarding TCP dissector behavior when the first
fragment of application level PDU is lost and retransmitted later. I wrote a
patch which handles this problem with the assist from up-level subdissector.
Brief description of how to use this feature. Up-level subdissector has to
track tcp_info->seq for both flow directions to detect out-of-order tvb's. When
this situation is detected subdissector has to request packet desegmentation
setting pinfo->desegment_len to DESEGMENT_OUT_OF_ORDER and
pinfo->desegment_offset to the offset of the expected in-order packet relative
to the received out-of-order packet. The later generally is the negative value
which equals to (tcp_info->seq - expected_seq). And that's all! Certainly the
subdissector must be prepared to handle TVBs which contain multiple application
layer PDUs.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
