ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
July 17th, 2024 | 10:00am-11:55am SGT (UTC+8) | Online
Wireshark logo

Wireshark-dev: [Wireshark-dev] Conversation tracking

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Tobias Weiss <tweiss@xxxxxxxxxxxxxxx>
Date: Thu, 10 May 2012 12:26:46 -0400

Hi all,

I'm using conversation tracking and ran into an issue. My code looks like this (as suggested in the README.developer):

conv = find_conversation(pinfo->fd->num,
    &pinfo->src,
    &pinfo->dst,
    pinfo->ptype,
    pinfo->srcport,
    pinfo->destport,
    0);

if(conv != NULL) { get conversation data }
else { create conversation data with se_alloc() and add it to the conversation }

When the dissectors main function is called for the first time, find_conversation() returns a non-null pointer! As far as I understood it should return 0 as conversation_new() was never called for this address/port combination yet. What am I missing here?

Tobi
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube