Wireshark-dev: [Wireshark-dev] Need help with fragment reassembly

Date: Tue, 25 Aug 2009 20:24:27 +0000
I'm writing a dissector plugin for a protocol that supports fragmentation. I've made some good progress with dissecting the non-fragment packets, but the fragmentation reassembly not so much.

The fragment packet headers include a PDU length, a tag, and the offset of the current fragment in the full PDU. There is no explicit information as to whether a given fragment is the "last", so I am trying to figure out how to supply the final argument to fragment_add_check.

I could keep track of the fragment lengths and offsets seen so far, and calculate for myself when all fragments have been received. But this seems to duplicate some of what Wireshark is already doing via the reassembly hash tables. Is there a clever way for me to ask Wireshark when the final fragment has been received?

Also a broader question: is there a good resource for the Wireshark fragmentation API? I don't see anything in the files under doc/, and the online Developer's Guide has a chapter but it only covers a couple of functions. If you want to use any of the others, all you get is the comments in reassemble.h.

Thank you very much!
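
One way to derive the "more fragments" flag that the final argument to fragment_add_check expects, using only the header fields described in the post, shown as an added example that is not part of the original message and not Wireshark code: a fragment is followed by more data exactly when its offset plus its length is less than the PDU length. The struct, function names and `MAX_PDU` are hypothetical, and the small tracker only models the assumption that the reassembly layer accepts fragments in any order and completes once the tail and every byte before it have arrived.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical fragment header, modelled on the fields named in the post. */
struct frag_hdr {
    uint32_t pdu_len;   /* length of the full PDU */
    uint32_t tag;       /* identifies which PDU the fragment belongs to */
    uint32_t offset;    /* offset of this fragment within the PDU */
};

/* Returns 0 and sets *more_frags, or -1 if the fragment cannot fit in the PDU.
 * The subtraction form avoids integer overflow in offset + frag_len. */
int frag_more_flag(const struct frag_hdr *h, uint32_t frag_len, bool *more_frags)
{
    if (frag_len == 0 || h->offset >= h->pdu_len ||
        frag_len > h->pdu_len - h->offset)
        return -1;                  /* malformed: reject, do not reassemble */
    *more_frags = (frag_len < h->pdu_len - h->offset);
    return 0;
}

#define MAX_PDU 64   /* constructed limit for this model only */

/* Minimal model of one reassembly in progress (not Wireshark's structure). */
struct reasm {
    bool     seen[MAX_PDU];  /* which bytes of the PDU have arrived */
    bool     tail_known;     /* a fragment with more_frags == false arrived */
    uint32_t total;          /* PDU length, valid once tail_known is set */
};

/* Adds one fragment; returns 1 when complete, 0 if not yet, -1 on error. */
int reasm_add(struct reasm *r, const struct frag_hdr *h, uint32_t frag_len)
{
    bool more;
    if (h->pdu_len > MAX_PDU || frag_more_flag(h, frag_len, &more) != 0)
        return -1;
    memset(&r->seen[h->offset], 1, frag_len);
    if (!more) { r->tail_known = true; r->total = h->pdu_len; }
    if (!r->tail_known)
        return 0;                   /* end of PDU not seen yet */
    for (uint32_t i = 0; i < r->total; i++)
        if (!r->seen[i])
            return 0;               /* a hole remains before the tail */
    return 1;
}
```

In a dissector, the value from `frag_more_flag` is what would be passed as the last argument, and a `-1` result is the point to flag the packet as malformed instead of handing the fragment to reassembly.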