Wireshark · Wireshark-dev: [Wireshark-dev] Conversation tracking

Wireshark-dev: [Wireshark-dev] Conversation tracking

From: Tobias Weiss <tweiss@xxxxxxxxxxxxxxx>

Date: Thu, 10 May 2012 12:26:46 -0400

Hi all,

I'm using conversation tracking and ran into an issue. My code looks like this (as suggested in the README.developer):

conv = find_conversation(pinfo->fd->num,
&pinfo->src,
&pinfo->dst,
pinfo->ptype,
pinfo->srcport,
pinfo->destport,
0);

if(conv != NULL) { get conversation data }
else { create conversation data with se_alloc() and add it to the conversation }

When the dissectors main function is called for the first time, find_conversation() returns a non-null pointer! As far as I understood it should return 0 as conversation_new() was never called for this address/port combination yet. What am I missing here?

Tobi

Follow-Ups:
- Re: [Wireshark-dev] Conversation tracking
  - From: Stephen Fisher

Prev by Date: Re: [Wireshark-dev] Regarding wireshark design
Next by Date: Re: [Wireshark-dev] Conversation tracking
Previous by thread: [Wireshark-dev] I now have some really crappy code that kind of works to send a pcapng through a pipe to Wireshark
Next by thread: Re: [Wireshark-dev] Conversation tracking
Index(es):
- Date
- Thread