On Wed, 8 Aug 2007, Michael Ngo wrote:
Hi
I'm not sure if the reassembler is buggy or if I am
using it wrong. I'm using it like this
tcp_dissect_pdus(tvb, pinfo, tree, TRUE, 12,
get_foo_length, dissect_foo_message)
where get_foo_length returns the length of the packet
and dissect_foo_message is my dissector.
<snip>
I'm totally confused by your description. But wiresharks' attempts at
packet reassembly in the face of retransmissions and out-of-order packets
are inherently a bit best-effort, as it has to be able to do a reasonable
job at reassembly with potentially only a single pass through the traffic.
If you really think it could do better, could you supply an example
capture with an explanation as to what it's doing wrong?
Cheers
Richard
