The tcp reassembly code is very old and primitive and was developed prior to the tcp sequence number analysis.
As such it requires the segments to be in order and fails if the semgents are not.
(ethereal did not learn to know where pdus start/end in the sequence number space before the tcp analysis code was implemented)
There has been a recent update/rewrite in the tcp analysis code (modulo
some bugs that i need to fix) that will make it much easier to
reimplement the reassembly code so that it can handle unordered
segments. (i have examples to verify it with).
This new analysis code will make it possible for reassembly to track
the sequence numbers where a PDU starts and ends and use that for
reassembly instead
of requiring that they are delivered in sequence.
I will fix the tcp analysis bugs that has been reported and then try to fix the reassembly code in the next few days.
best regards
ronnie s
On 1/31/06, Lapo.Pasqui@xxxxxxxxxx <
> wrote:I've developped a dissectors that run atop a tcp. As the total
conversation span across a few packets, I've had to use the
tcp_dissect_pdus function to reaasemble the conversation.
Everything works fine 'till there are not retransmission and/or packets
losts.
What happens, in this case, is my decode function being called even if
the whole conversation has not been yet completed; please note that my
hook function
guint (*get_pdu_len)(tvbuff_t *, int) works fine.
In particular, my decode function is called in a middle of the
conversation, as soon as the not in sequence packet is received.
It looks like the tcp_disscect_pdus does not its work in such cases.
Can you see something wrong in my approach?
Can you please point me to some example I can "copy" from?
I'm using ethereal-0.10.14
.
Thanks
Lapo
_______________________________________________
Ethereal-dev mailing list
Ethereal-dev@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-dev
