Hi,
I recently introduced link_dir for this purpose as I was
Suspecting that p2p_dir was used differently.
/* Link direction */
#define LINK_DIR_UNKNOWN -1
#define P2P_DIR_UL 0
#define P2P_DIR_DL 1
Should perhaps have been LINK_DIR_UL/LINK_DIR_DL
Regards
Anders
-----Ursprungligt meddelande-----
Från: wireshark-dev-bounces@xxxxxxxxxxxxx
[mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] För Michael Lum
Skickat: den 20 juni 2009 02:30
Till: Developer support list for Wireshark
Ämne: Re: [Wireshark-dev] Meaning of packet_info.p2p_dir ?
I was thinking mainly in terms of SCCP.
There are protocols on top of SCCP where the receiver/sender is
important.
Currently the SCCP code is setting the direction to SENT for which ever
point code originates the SCCP Connection Request.
Which is logical if you are trying to indicate who initated the
connection
but it is not helpful for some of the protocols on top.
For example:
OTA (IS-638)
ANSI-A (IOS)
SCCP
The two entities involved, from the SCCP standpoint, are
the BSC and an MSC.
The OTA dissector needs to know whether the message is going
from BSC -> MSC or MSC -> BSC.
SCCP Connection Requests can go in either direction.
The old code that I originally put in, that remains but gets overridden,
had the p2p_dir being set based on a 'Source PC' preference.
Not something I particularly liked but it worked.
I'm trying to figure out if the p2p_dir direction setting in the SCCP
code is doing what it was supposed to. (get_sccp_assoc())
Does anyone know or is there some other mechanism that will
provide the information I need?
Thank you
--
Michael Lum Principal Software Engineer
4600 Jacombs Road +1.604.276.0055
Richmond, B.C.
Canada V6V 3B1
Star Solutions
> -----Original Message-----
> From: wireshark-dev-bounces@xxxxxxxxxxxxx
> [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Guy Harris
> Sent: June 19, 2009 2:39 PM
> To: Developer support list for Wireshark
> Subject: Re: [Wireshark-dev] Meaning of packet_info.p2p_dir ?
>
>
> On Jun 19, 2009, at 9:25 AM, Jeff Morriss wrote:
>
> > Well, I don't know if it's the same for all protocols, but it's
> > usually set to one of these defines:
> >
> > epan/packet_info.h:#define P2P_DIR_UNKNOWN -1
>
> ...which means "there's not enough information in the file to
> determine the direction".
>
> > epan/packet_info.h:#define P2P_DIR_SENT 0
> epan/packet_info.h:#define
> > P2P_DIR_RECV 1
> > epan/packet_info.h:#define P2P_DIR_UL 0
> > epan/packet_info.h:#define P2P_DIR_DL 1
> >
> > It's useful in protocols when you know you're the sender or the
> > receiver (and that makes a difference when dissecting).
>
> Although, in some places, it just matters whether the traffic
> is going "to the left" or "to the right"; if, for example,
> the capture comes from a passive tap, you're *a* receiver for
> all of it, but you still might be able to tell the difference
> between the two directions.
>
> For some protocols, where you have a network endpoint
> communicating with a network (ISDN, for example), "sent"
> should probably mean "user to network" and "received" should
> probably mean "network to user".
> ______________________________________________________________
> _____________
> Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> Archives: http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>
> mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
>
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
