
Wireshark-dev: [Wireshark-dev] TCP Reassembler

From: Michael Ngo <mn17962@xxxxxxxxx>
Date: Wed, 8 Aug 2007 11:39:41 -0700 (PDT)
Hi,

I'm not sure if the reassembler is buggy or if I am
using it wrong. I'm using it like this:

tcp_dissect_pdus(tvb, pinfo, tree, TRUE, 12,
get_foo_length, dissect_foo_message)

where get_foo_length returns the length of the packet
and dissect_foo_message is my dissector. The
problem occurs when an out-of-order packet shows up: it
causes the reassembler to extract the wrong bytes, thus
leading to the wrong calculated length. For example, say
there were 200 frames in a capture, and frame 100
has sequence number 2000 with a length of 1000 bytes
and is the frame that is out of order. So basically
frames 1-110 are "in order" by sequence number. Later,
say the bytes in frame 100 overlap with those in
frames 115 and 116. So the reassembler thinks of them
as retransmissions and accordingly reassembles
frames 100, 115, and 116 together, without removing the
duplicate bytes. Instead it should have just
reassembled frames 115 and 116 together, while
discarding or ignoring frame 100. Sorry if this is a
little confusing, but any help/suggestions would be
appreciated.

Michael Ngo
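
Added example, not part of the original message and not Wireshark's reassembler code: a stand-alone sketch of sequence-number-based reassembly in which a segment arriving early is held and later overlapping segments contribute only bytes not already stored, so no duplicate bytes reach the length calculation. The `struct stream` type, the function names, the buffer size, the first-copy-wins policy and the sample segments are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define STREAM_MAX 8192            /* capacity of this sketch, in bytes */

/* Hypothetical per-direction reassembly state (not a Wireshark type). */
struct stream {
    uint32_t base;                 /* sequence number of stream byte 0 */
    uint8_t  data[STREAM_MAX];     /* reassembled payload */
    uint8_t  have[STREAM_MAX];     /* 1 where data[i] is filled */
};

/* Store a segment; the first copy of each byte wins (assumed policy).
 * Returns the count of new bytes, or -1 if outside the buffer. */
static int stream_add(struct stream *s, uint32_t seq, const uint8_t *p, uint32_t len)
{
    uint32_t off = seq - s->base;  /* unsigned math survives seq wraparound */
    int fresh = 0;
    if (off > STREAM_MAX || len > STREAM_MAX - off)
        return -1;
    for (uint32_t i = 0; i < len; i++)
        if (!s->have[off + i]) {
            s->data[off + i] = p[i];
            s->have[off + i] = 1;
            fresh++;
        }
    return fresh;
}

/* Bytes available from the start of the stream with no gap. */
static uint32_t stream_contiguous(const struct stream *s)
{
    uint32_t n = 0;
    while (n < STREAM_MAX && s->have[n])
        n++;
    return n;
}

int main(void)
{
    static struct stream s = { .base = 1000 };
    static uint8_t seg[1000];      /* constructed payload, all zero bytes */
    printf("early seq 2000: %d new\n", stream_add(&s, 2000, seg, 1000));
    printf("seq 1000: %d new\n", stream_add(&s, 1000, seg, 1000));
    printf("seq 2500 len 700: %d new\n", stream_add(&s, 2500, seg, 700));
    printf("contiguous: %u\n", (unsigned)stream_contiguous(&s));
    return 0;
}
```

A length callback reading its header from `data` at an offset below `stream_contiguous()` sees each stream byte exactly once, regardless of arrival order.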

