Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] LUA TCP protocol dissector

From: Christer Palm <hcgpalm@xxxxxxxxx>
Date: Sun, 03 Feb 2008 21:20:39 +0100
Hi Jaap, thanks for your response!

Jaap Keuter wrote:
Now that you venture into the more advanced stages of protocol dissection it may be time to implement the design in C. This opens the option of using the various support features, conversations and TCP reassembly, which you seem to seek.


I appreciate your suggestion, but for the reasons I already mentioned, the option of rewriting it in C is not very appealing. If there's no way around the limitations I'd rather live with them.

Having said that, the stuff I'm trying to do is really not that "advanced". In fact, it's probably as simple as it gets with a TCP-based protocol. It's a simple connect->request->response->hangup type of protocol, so theres always a single PDU in each direction over the conversation lifetime. The PDU's have a header and a payload.

I identify the header packets by looking at tcp.seq. The only crux is that I need a content-type field from the header in order to dissect the following payload packets properly. Surely there must be some smart way to do this?

You might want to enter the observations you made about TvbRange and tvb_get_stringz in bugzilla, so they won't be lost.


Will do

Regards,
--
Christer Palm