Wireshark-dev: [Wireshark-dev] TCP dissector handling TCP Fast Retransmit

From: Gerald <krippy2k@xxxxxxxxx>
Date: Mon, 7 Mar 2011 02:46:27 -0800 (PST)

Hi all,

I'm working on a dissector for a TCP-based protocol, and I'm wondering if there is any good way to handle when a TCP retransmit/fast retransmit occurs in the middle of the stream.

I will try to explain what is happening in one test case.

First my dissector is called with some data. The TCP response spans many TCP packets, so I keep setting pinfo->desegment_offset to 0 and pinfo->desegment_len = DESEGMENT_ONE_MORE_SEGMENT.

After about 5 packets there is a TCP retransmission of the first packet, and the retransmitted data is sent to the dissector.

Then the data that should have been next in the stream is sent to the dissector, but without any of the previous data, leaving the dissector unable to handle it.

So I guess I have 2 questions.

1) Is there any way to handle this elegantly so that I can get a good dissection that ignores the retransmitted data?

2) Barring #1, is there any (hopefully simple) way to determine if the data received by the dissector is retransmitted data?

Thanks,
Gerald
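
On question 2, a segment whose bytes all lie at or before the highest sequence number already seen in that direction is a retransmission. The C code below is an added example, not part of the original post and not Wireshark code: `flow_state`, `classify_segment`, `replay` and the sample sequence numbers are hypothetical and constructed, and it replays the arrival order described in the post (five segments, a repeat of the first, then the sixth).

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical per-direction state and types; none of these are Wireshark structures. */
typedef struct { bool seen; uint32_t next_seq; } flow_state;
typedef struct { uint32_t seq, len; } segment;
typedef enum { SEG_NEW, SEG_RETRANSMIT, SEG_PARTIAL_OVERLAP, SEG_GAP } seg_class;
/* Serial-number comparison (a before b) that survives 32-bit wraparound. */
static bool seq_lt(uint32_t a, uint32_t b) { return (int32_t)(a - b) < 0; }

/* Classify one segment; *skip is the count of leading bytes already seen. */
seg_class classify_segment(flow_state *fs, uint32_t seq, uint32_t len, uint32_t *skip)
{
    uint32_t end = seq + len;
    *skip = 0;
    if (!fs->seen || seq == fs->next_seq) {      /* first or in-order data */
        fs->seen = true; fs->next_seq = end;
        return SEG_NEW;
    }
    if (seq_lt(fs->next_seq, seq)) return SEG_GAP;   /* hole: earlier bytes missing */
    if (!seq_lt(fs->next_seq, end)) { *skip = len; return SEG_RETRANSMIT; }
    *skip = fs->next_seq - seq;                  /* old head, new tail */
    fs->next_seq = end;
    return SEG_PARTIAL_OVERLAP;
}

/* Constructed sample crossing the 32-bit wrap: five segments, the first repeated, then the sixth. */
const segment sample[7] = {
    {4294964000u, 1460}, {4294965460u, 1460}, {4294966920u, 1460}, {1084u, 1460},
    {2544u, 1460}, {4294964000u, 1460}, {4004u, 1460} };
seg_class sample_out[7];
/* Classify n segments in arrival order; returns the new in-order payload bytes. */
uint32_t replay(const segment *segs, size_t n, seg_class *out)
{
    flow_state fs = { false, 0 };
    uint32_t skip, fresh = 0;
    for (size_t i = 0; i < n; i++) {
        out[i] = classify_segment(&fs, segs[i].seq, segs[i].len, &skip);
        if (out[i] != SEG_GAP) fresh += segs[i].len - skip;
    }
    return fresh;
}

int main(void)
{
    printf("new bytes: %u\n", (unsigned)replay(sample, 7, sample_out));
    return 0;
}
```

A segment classified as `SEG_RETRANSMIT` would be skipped before it reaches the reassembly logic, and a `SEG_PARTIAL_OVERLAP` segment would be trimmed by `skip` bytes.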