Wireshark-dev: Re: [Wireshark-dev] LUA TCP protocol dissector
From: Christer Palm <[email protected]>
Date: Sun, 03 Feb 2008 21:20:39 +0100
Hi Jaap, thanks for your response!

Jaap Keuter wrote:
Now that you venture into the more advanced stages of protocol dissection it may be time to implement the design in C. This opens the option of using the various support features, conversations and TCP reassembly, which you seem to seek.
I appreciate your suggestion, but for the reasons I already mentioned, 
the option of rewriting it in C is not very appealing. If there's no way 
around the limitations I'd rather live with them.
Having said that, the stuff I'm trying to do is really not that 
"advanced". In fact, it's probably as simple as it gets with a TCP-based 
protocol. It's a simple connect->request->response->hangup type of 
protocol, so theres always a single PDU in each direction over the 
conversation lifetime. The PDU's have a header and a payload.
I identify the header packets by looking at tcp.seq. The only crux is 
that I need a content-type field from the header in order to dissect the 
following payload packets properly. Surely there must be some smart way 
to do this?
You might want to enter the observations you made about TvbRange and tvb_get_stringz in bugzilla, so they won't be lost.
Will do

Christer Palm