Wireshark-dev: [Wireshark-dev] How to parse a protocol with two different PDU types in a single

From: Kaul <mykaul@xxxxxxxxx>
Date: Sat, 7 Nov 2009 22:27:00 +0200
Hello,

I have a protocol that begins with a PDU of type A ('link' state), then switches, after it has performed some negotiation, to a PDU of type B ('data' state).
I've tried something similar to:
    conversation = find_conversation(pinfo->fd->num, &pinfo->src, &pinfo->dst, pinfo->ptype, pinfo->srcport, pinfo->destport, 0);
    if (!conversation) {
        conversation = conversation_new(pinfo->fd->num, &pinfo->src, &pinfo->dst, pinfo->ptype, pinfo->srcport, pinfo->destport, 0);
    }

    myproto_info = (myproto_conversation_t*)conversation_get_proto_data(conversation, proto_myproto);
    if(!myproto_info) {
        /* We don't yet have a conversation, so create one. */
        myproto_info = se_alloc0(sizeof(myproto_conversation_t));
        myproto_info->destport = pinfo->destport; /* Useful to differ between c2s and s2c packets */
        myproto_info->pdu_type_A = TRUE;
        conversation_add_proto_data(conversation, proto_myproto, myproto_info);
    }

    if (myproto_info->pdu_type_A == TRUE) {
        /* If we are still in the link state part of the protocol */
        tcp_dissect_pdus(tvb, pinfo, tree, myproto_desegment, 16, get_myproto_link_pdu_len, dissect_myproto_link_pdu);
    } else {
        tcp_dissect_pdus(tvb, pinfo, tree, myproto_desegment, 16, get_myproto_data_pdu_len, dissect_myproto_data_pdu);
    }

And in dissect_myproto_link_pdu():
    if (myproto_info->destport == pinfo->destport) {
        /* dissect C2S messages */
    } else {
        /* S2C messages - and turn off pdu_type_A ! */
        myproto_info->pdu_type_A = FALSE;
    }

This doesn't work well. Once I turn it off, nothing is dissected any more - as if it won't reach the first tcp_dissect_pdus() line anymore - even for other conversations.

1. Is my approach correct?
2. Any hint as to what I'm doing wrong here?

TIA,
Yaniv.
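
An added example, not part of the original post and not Wireshark code: a stand-alone C model of the link-to-data switch that stores the frame number at which the switch happened instead of a boolean, so a frame is classified the same way when it is dissected again later. It assumes frames can be dissected more than once; `conv_state_t`, `switch_frame`, `note_link_pdu`, `pdu_kind_for_frame`, `dissect_pass` and the sample ports are hypothetical names and values.

```c
/* Stand-alone model, not Wireshark code; every name here is hypothetical. */
#include <stdint.h>
#include <stdio.h>

typedef enum { PDU_LINK, PDU_DATA } pdu_kind_t;

/* Per-conversation state, the analogue of myproto_conversation_t. */
typedef struct {
    uint16_t server_port;   /* destport of the first (client-to-server) packet */
    uint32_t switch_frame;  /* frame that ended the link state; 0 = not seen yet */
} conv_state_t;

/* Called for each link PDU: remember, once, where the negotiation ended. */
void note_link_pdu(conv_state_t *st, uint32_t frame, uint16_t destport)
{
    if (destport != st->server_port && st->switch_frame == 0)
        st->switch_frame = frame;   /* first S2C link message */
}

/* The answer depends on the frame number, not on when the question is asked. */
pdu_kind_t pdu_kind_for_frame(const conv_state_t *st, uint32_t frame)
{
    if (st->switch_frame != 0 && frame > st->switch_frame)
        return PDU_DATA;
    return PDU_LINK;
}

/* Constructed capture: frame 1 C2S link, frame 2 S2C link, frames 3-4 data. */
static const uint16_t sample_destports[4] = { 5000, 40000, 5000, 40000 };
/* One dissection pass over the sample frames, in order. */
void dissect_pass(conv_state_t *st, pdu_kind_t out[4])
{
    for (uint32_t f = 1; f <= 4; f++) {
        out[f - 1] = pdu_kind_for_frame(st, f);
        if (out[f - 1] == PDU_LINK)
            note_link_pdu(st, f, sample_destports[f - 1]);
    }
}

int main(void)
{
    conv_state_t st = { 5000, 0 };
    pdu_kind_t first[4], again[4];
    dissect_pass(&st, first);   /* initial sequential pass */
    dissect_pass(&st, again);   /* later re-dissection with the state already set */
    for (int i = 0; i < 4; i++)
        printf("frame %d: pass1=%d pass2=%d\n", i + 1, first[i], again[i]);
    return 0;
}
```

In a dissector the frame number would come from `pinfo->fd->num`, the same value the post already passes to `find_conversation()`.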