Hi,
I am writing my first dissector and it needs to dissect a packet base on some information in previous packets. The protocol also allows multiple of these stream mux together. What is the best way to create a stateful dissector? From
the dev guide, I notice there are two different mechanisms that is “stateful” – the tap and the “conversation”. From what I can tell, tap seems to be for post-processing of stats only. So is the “conversation” mechanism the best way to implement a stateful
dissector? Did I miss any some other mechanism?
Regards,
Kenny Ho
IMPORTANT CONFIDENTIALITY NOTICE
This message and any attached documents contain information from ViXS Systems, Inc. and are confidential and privileged and further subject to any confidentiality agreement between the parties. The information is intended to be viewed only by the individual(s)
or entity(ies) to whom the message is addressed. If you are not the intended recipient, be aware that reading, disclosing, copying, distributing or using the contents of this transmission is prohibited. Please notify us immediately if you have received this
transmission in error, and delete this message along with any attached files.
|
