David Aggeler wrote:
Hi Bill,
Thanks for you comments. I've looked at quite a few other dissectors and
the comments around the reassembly function calls do not increase
confidence.
Therefore I'm debugging the reassemble module for quite a while now, to
understand of what is going on.
For DICOM, I need to do the reassembly at two levels. The first one is
at the top, where I have a PDU length to request data.
Here I plan to use tcp_dissect_pdus(), once I undestand how this
interacts with the heuristic hook. My custom merge at this level works
reasonable.
The bigger challange is the second level. For PDVs, there's only a more
flag, and then tcp_dissect_pdus() can't help.And this is where I'm using
fragment_add_seq_next().
David
A suggestion (if you haven't already decided what to do):
Store a (unique) value with the TCP conversation on which the PDV
occurs; Use this as the id to fragment_add....
The unique value could be the same as what tcp_dissect_pdus uses: the
frame number of the first frame containing the PDV.
Or: Use whatever makes sense for you for the unique id....
Bill
