Look at http://anonsvn.wireshark.org/wireshark/trunk/doc/README.developer
2.7.2 Modifying the pinfo struct.
Olivier
Jarolin, Robert a �crit :
I am working on a dissector for dissecting character string oriented
TCP messages. The messages are of variable length with no header
specifying the length. The message is considered finished when a '\n'
character is found. These messages may span multiple packets as well
as have multiple messages in 1 packet.
I have only written dissectors that have header info that can be used
to return a length value for tcp_dissect_pdus to handle the
fragmentation. Since I cannot determine the length until I find a
'\n' character, how can I dissect these message types?
Is there a way to parse a packet, get to the end of the packet, then
realize you need to continue the current dissection with the next
packet? If so, how?
Thanks for any help!
Confidentiality Notice: This e-mail (including any attachments) is
intended only for the recipients named above. It may contain
confidential or privileged information and should not be read, copied
or otherwise used by any other person. If you are not a named
recipient, please notify the sender of that fact and delete the e-mail
from your system.
------------------------------------------------------------------------
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
