Wireshark-dev: [Wireshark-dev] Adding broadcast messages to a conversation

From: Roland Knall <rknall@xxxxxxxxx>
Date: Mon, 6 Jun 2011 16:48:04 +0200

Hello

I am currently trying to add conversations to the openSAFETY
dissector, and I am running into some behavioural issues.

A normal openSAFETY network consists of a Master Node and many Slave
Nodes. The relationship of their conversational pattern depends on the
state each node is currently in. Therefore a conversation regarding
all necessary communications between Master Node A and Slave Node B
would consist of the following messages:

1. All messages sent from A directly to B and vice versa (this can be
solved by the currently implemented conversation filter).
2. All messages broadcast by A
3. All messages broadcast by B

Without 2 or 3 a conversation is not complete, therefore implementing
such a filter would make no sense at all. Does anyone have an idea how
to map this conversation pattern using Wireshark conversations?

Basically what I want to achieve is to implement some kind of generic
conversation where for each package I should be able to select if
this package is part of this conversation or not. This would not be
based on any kind of address:ports combinations, but by choosing
specific combinations of dissector fields instead.

Is such a thing currently implemented? If not, is there any interest
in implementing such a technique?

kind regards,
Roland