Hi,
We have a reassembly API in ~/epan/reassemble.c see also the README files in ~/doc
Regards
Anders
-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of fab12@xxxxxxxxxxx
Sent: den 27 april 2011 13:38
To: wireshark-dev@xxxxxxxxxxxxx
Subject: [Wireshark-dev] Reassembling tvbuff_t
Hi
I am currently working on a dissector for some proprietary protocol and I need to do some reassembling of buffer.
I am looking for information on how to handle tvbuff_t API.
I have found this :
http://wireshark.sourcearchive.com/documentation/1.0.0/tvbuff_8h_aa919b43fdba78f4be4a76aa274e6cce.html#aa919b43fdba78f4be4a76aa274e6cce
which is useful but I'm not sure to understand it.
With my protocol I am receiving packet in several fragment.
The fragment header tells me if it is a head, tail or mid fragment packet.
I am thinking processing as follows but I am not sure if it is the best way or even if it is correct:
Upon reception of a fragment: I copy it in a new tvbuff_t and save it in some global list:
tvb_memcpy(tvb,data,offset,length)
frag_buf=tvb_new_real_data(data,length,reported_length)
// what is reported_length by the way?
// Is there a better way to make a buffer copy?
Add frag_buf to global fragrment list
Upon receiption of the last fragment
pckt_buf=tvb_new_composite ( void )
For each frag_buf in global fragrment list {
tvb_composite_append(pckt_buf,frag_buf)
}
// Then I call my dissector on the reassembled packet.
Is this the general idea?
Thx
Fabien
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
