Sounds to me like you’ve got a
snaplen set. Under Capture -> Options, are you limiting each packet to a
maximum number of bytes?
From:
wireshark-dev-bounces@xxxxxxxxxxxxx
[mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On
Behalf Of Martin Corraine (mcorrain)
Sent: Friday, July 11, 2008 9:26
AM
To: Developer support list for
Wireshark
Subject: [Wireshark-dev] truncated
packet
I figured out how to drop a plugin into any
win32 Wireshark installation. The trick to do this is to use the same
complier as the official Wireshark installer was compiled with. I had to switch
from VS2005EE to VS6 for it to work on win32. Just thought I throw that out
there.
My dissector use to reassemble packets but for some unknown
reason it doesn't now. I'm running out of ideas as to what I may have
changed. I get the following message:[ Packet size limited during capture:
GED125 truncated]. I'm still using the same capture file too and it worked a
few days ago. Could have an update to the Wireshark sources changed the way you
reassemble packets under TCP? Any advice will help.
tcp_dissect_pdus(tvb,
pinfo, tree, ged125_desegment_body, 4, get_ged125_pdu_len,
dissect_ged125_base_messages);
Thanks,
Martin
