Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: [Wireshark-dev] Accessing SCTP data chunk length etc

From: "Gastermann, Bernd Christian" <bernd-christian.gastermann@xxxxxxxxxxx>
Date: Mon, 21 Jul 2008 15:20:20 +0200
Dear Wireshark team!
 
I am currently writing a wireshark plugin which dissects custom data chunks from within a sctp message. Unfortunately, in order to work properly, it is necessary to know how long this specific sctp data chunk is. I've tried several things (for example writing another sctp plugin which overwrites the existing one) but nothing worked or solved the problem. The only solution was to modify wireshark's internal sctp dissector (packet-sctp) to write all the necessary information (in this case data chunk length without header length) into the private data of packetinfo (pinfo->private_data) so that my dissector can read it.
 
I currently need the data chunk stream id and length from within these sctp packets for debugging. Now I have two questions:
Firstly, do you know a better, easier solution for this problem without modifying wireshark itself?
And secondly, if there is no better way, do you think it is possible to integrate such changes into wireshark's public source code so that we can access this information in future versions too (although it may not be very useful for others)?
 
I attached a diff-file with all changes I made to 'packet-sctp.c' and 'packet-sctp.h'. I used revision 25778 from SVN.
 
Any suggestions would be highly appreciated! :)
Thanks in advance!

Bernd Gastermann

Attachment: packet-sctp-cmdata.diff
Description: packet-sctp-cmdata.diff