Wireshark · Wireshark-dev: [Wireshark-dev] Packet reassembling

Wireshark-dev: [Wireshark-dev] Packet reassembling

From: Gerhard Gappmeier <gerhard.gappmeier@xxxxxxxxxxx>

Date: Tue, 11 Jul 2006 18:07:22 +0200

Hello

I have read the chapter about packet reassembling.
It's clear except from one point.

If a server has multiple TCP connections to different clients,
the captured packets can be mixed up from different messages.
How is this kept in mind?
Is this tracked automagically by "fragment_add_seq_check" with the contents of the "packet_info" structure,
or is the example in the docs not taking this into account?
Is one instance of the "msg_fragment_table" and "msg_reassembled_table enough" for multiple connections?
Or do I need one for each connection?

I see at least a problem with the sequence numbers.
At least my protocol has no sequence number for different chunks,
so I have to do something like "connection[i].seq_number++" for each connection.
Are there any recommendations?

--
mit freundlichen Grüßen / best regards

Gerhard Gappmeier
ascolab GmbH - automation system communication laboratory
Tel.: +49 9131 691 123
Fax: +49 9131 691 128
Web: http://www.ascolab.com
GPG-Key: http://www.ascolab.com/gpg/gg.asc

Follow-Ups:
- [Wireshark-dev] Set button label in GTK 1.2
  - From: Tinoshi Kitazawa
- Re: [Wireshark-dev] Packet reassembling
  - From: ronnie sahlberg

Prev by Date: Re: [Wireshark-dev] Endianess
Next by Date: [Wireshark-dev] Set button label in GTK 1.2
Previous by thread: Re: [Wireshark-dev] Endianess
Next by thread: [Wireshark-dev] Set button label in GTK 1.2
Index(es):
- Date
- Thread