Wireshark-dev: [Wireshark-dev] complex problem

From: Marcel Haas <inf462@xxxxxxxxxxx>
Date: Thu, 13 Oct 2011 11:40:01 +0200
Hey,
maybe the problem isn't so complex to solve, but it's complex for me to explain. :)

I have written my own reassembly code and it seems to work. But I have one big problem. If I set the filter and click Apply, it works, because it goes through every packet, and I get my reassembled message after the packet. But if I now click on the reassembled packet, there is no reassembled tvb. I know the reason for that: it interprets every packet on its own.

Example:
Filter is set, click Apply
Packet: 1 -frag
Packet: 2 -frag
Packet: 3 -Reassemble (last frag)
If I click on packet 3, it interprets only packet 3. It doesn't see packets 1 and 2,
and so it builds no reassembled tvb.

Maybe I'm calling my function at the wrong position.
Code:

static void
dissect_xxx(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree){
        ...
        if(tree){
            ...
        }
        // Fragment Routine ------------------------------------------------
        if(totalp > 1){
                frag_tvb = tvb_new_subset(tvb, offset2, -1, -1); // Get the TVB

                big_tvb = ListenElementEinfuegen(NeuesListenElement(snode, pnum, totalp, frag_tvb)); // Reass Function

                if (big_tvb) { // Reassembled: big_tvb != NULL
                        col_append_str(pinfo->cinfo, COL_INFO,
                                " (Message Reassembled)");
                        add_new_data_source(pinfo, big_tvb, "Defrag TVB"); // Add new data source
                } else { // Not last packet of reassembled short message: big_tvb == NULL
                        col_append_fstr(pinfo->cinfo, COL_INFO,
                                " (Message fragment %u)", pnum);
                        col_append_fstr(pinfo->cinfo, COL_INFO,
                                " (Frag:  %u)", pinfo->fd->num);
                        col_append_fstr(pinfo->cinfo, COL_INFO,
                                " (Visit:  %u)", pinfo->fd->flags.visited);
                }
        }
}

I hope someone understands my problem and has a good idea/solution :)

thx and regards
Marcel
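
Added illustration (not part of the original post and not Wireshark code): Wireshark re-dissects a single frame when it is selected, so reassembly state has to be built only on the first sequential pass and looked up by frame number afterwards. This self-contained C model shows that pattern; `frame_t`, `dissect` and `click_last_fragment` are hypothetical names, a single in-order stream is assumed, and the sample capture is constructed.

```c
#include <stdio.h>
#include <string.h>

#define MAX_FRAMES 16
#define MAX_MSG    64

/* Hypothetical model of pinfo->fd->num and pinfo->fd->flags.visited (not the Wireshark API). */
typedef struct {
    unsigned num, pnum, totalp;
    int visited;
    const char *payload;
} frame_t;

static char     pending[MAX_MSG];           /* fragments gathered on the first pass */
static unsigned pending_count;
static char     done[MAX_FRAMES][MAX_MSG];  /* finished message, keyed by frame number */
static int      has_done[MAX_FRAMES];

/* Returns the reassembled message if this frame completed one, else NULL. */
const char *dissect(frame_t *f)
{
    if (f->num >= MAX_FRAMES) return NULL;
    if (!f->visited) {                      /* first, sequential pass only */
        if (f->pnum == 1) { pending[0] = '\0'; pending_count = 0; }
        strncat(pending, f->payload, MAX_MSG - strlen(pending) - 1);
        if (++pending_count == f->totalp && f->pnum == f->totalp) {
            strcpy(done[f->num], pending);  /* remember the result for this frame */
            has_done[f->num] = 1;
        }
        f->visited = 1;
    }
    /* Re-dissection (click, filter re-apply) changes no state, it only looks up. */
    return has_done[f->num] ? done[f->num] : NULL;
}

/* Constructed sample: load three fragments in order, then "click" frame 3 alone. */
const char *click_last_fragment(void)
{
    static frame_t cap[] = {
        {1, 1, 3, 0, "HELLO"}, {2, 2, 3, 0, " WORLD"}, {3, 3, 3, 0, "!"},
    };
    for (size_t i = 0; i < 3; i++)
        dissect(&cap[i]);
    return dissect(&cap[2]);                /* revisit of the last fragment */
}

int main(void) { puts(click_last_fragment()); return 0; }
```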