Title: RE: [ethereal-dev] Help needed to add new file format decoding capabi lities to Ethereal
Guy and all,
To answer your question : "non-contiguous" in what sense ?
The file format I am working on has a non-trivial internal organisation.
The file is divided into fixed-size "blocks" (composed of a block header and block data) and further divided into packets, composed of packets headers and the actual data frame.
The fun part is that a packet can be splitted on two blocks.
Maybe a short scheme will help :
FILE header
BLOCK 0 header
BLOCK 0 data
pkt header 0
pkt data 0
pkt header 1
pkt data 1
pkt header 2
pkt data 2 (not complete)
BLOCK 1 header
BLOCK 1 data
pkt data 2 (continued)
pkt header 3
pkt data 3
pkt header 4
pkt data 4
So is it possible to have this properly working with the "read" function ?
Thx
Yann.
-----Original Message-----
From: Guy Harris [mailto:gharris@xxxxxxxxx]
Sent: jeudi 17 juin 2004 10:37
To: Ethereal development
Subject: Re: [ethereal-dev] Help needed to add new file format decoding capabi lities to Ethereal
On Thu, Jun 17, 2004 at 10:26:26AM +0200, Yann Samama wrote:
> I want to add to Ethereal the ability to read new type of files that
> are generated by some commercial sniffers. As I read through the
> different files in the wiretap sub-directory, it raised several issues
> :
>
> 1/ Is it possible to have a "read" function that can work on
> non-contiguous blocks of data?
"Non-contiguous" in what sense?
