Wireshark
the world's foremost network protocol analyzer
Wireshark-dev: Re: [Wireshark-dev] LUA TCP protocol dissector
From: Christer Palm <hcgpalm@xxxxxxxxx>
Date: Sun, 03 Feb 2008 21:20:39 +0100
Hi Jaap, thanks for your response! Jaap Keuter wrote:
Now that you venture into the more advanced stages of protocol dissection it may be time to implement the design in C. This opens the option of using the various support features, conversations and TCP reassembly, which you seem to seek.
I appreciate your suggestion, but for the reasons I already mentioned, the option of rewriting it in C is not very appealing. If there's no way around the limitations I'd rather live with them.
Having said that, the stuff I'm trying to do is really not that "advanced". In fact, it's probably as simple as it gets with a TCP-based protocol. It's a simple connect->request->response->hangup type of protocol, so theres always a single PDU in each direction over the conversation lifetime. The PDU's have a header and a payload.
I identify the header packets by looking at tcp.seq. The only crux is that I need a content-type field from the header in order to dissect the following payload packets properly. Surely there must be some smart way to do this?
You might want to enter the observations you made about TvbRange and tvb_get_stringz in bugzilla, so they won't be lost.
Will do Regards, -- Christer Palm
- References:
- [Wireshark-dev] LUA TCP protocol dissector
- From: Christer Palm
- Re: [Wireshark-dev] LUA TCP protocol dissector
- From: Jaap Keuter
- [Wireshark-dev] LUA TCP protocol dissector
- Prev by Date: Re: [Wireshark-dev] LUA TCP protocol dissector
- Next by Date: Re: [Wireshark-dev] ethernet over USB
- Previous by thread: Re: [Wireshark-dev] LUA TCP protocol dissector
- Next by thread: [Wireshark-dev] Problem to decode LDAP packets
- Index(es):