ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
July 17th, 2024 | 10:00am-11:55am SGT (UTC+8) | Online
Wireshark logo

Ethereal-dev: Re: [Ethereal-dev] tcp_dissect_pdus function and not in sequence packets

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Lapo.Pasqui@xxxxxxxxxx
Date: Tue, 31 Jan 2006 16:39:01 +0100
Thank you: this problem was driving me crazy.
I'll be glad to test your patch, if you like.

Best regard
   Lapo Pasqui
ronnie sahlberg wrote:
The tcp reassembly code is very old and primitive and was developed prior to the tcp sequence number analysis. As such it requires the segments to be in order and fails if the semgents are not. (ethereal did not learn to know where pdus start/end in the sequence number space before the tcp analysis code was implemented)
There has been a recent update/rewrite in the tcp analysis code (modulo some bugs that i need to fix) that will make it much easier to reimplement the reassembly code so that it can handle unordered segments. (i have examples to verify it with). This new analysis code will make it possible for reassembly to track the sequence numbers where a PDU starts and ends and use that for reassembly instead 
of requiring that they are delivered in sequence.
I will fix the tcp analysis bugs that has been reported and then try to fix the reassembly code in the next few days. 



best regards
ronnie s




On 1/31/06, *Lapo.Pasqui@xxxxxxxxxx <mailto:Lapo.Pasqui@xxxxxxxxxx>* <

wrote:


    I've developped a dissectors that run atop a tcp. As the total
    conversation span across a few packets, I've had to use the
    tcp_dissect_pdus function to reaasemble the conversation.
    Everything works fine 'till there are not retransmission and/or
    packets
    losts.
    What happens, in this case, is my decode function being called even if
    the whole conversation has not been yet completed; please note that my
    hook function
    guint (*get_pdu_len)(tvbuff_t *, int) works fine.
    In particular, my decode function is called in a middle of the
    conversation, as soon as the not in sequence packet is received.

    It looks like the tcp_disscect_pdus does not its work in such cases.
    Can you see something wrong in my approach?
    Can you please point me to some example I can "copy" from?
    I'm using ethereal-0.10.14 .
    Thanks
        Lapo

    _______________________________________________
    Ethereal-dev mailing list
    Ethereal-dev@xxxxxxxxxxxx <mailto:Ethereal-dev@xxxxxxxxxxxx>
    http://www.ethereal.com/mailman/listinfo/ethereal-dev
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube