Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: [Wireshark-dev] Reassemble of segmented packets

From: Robin Van De Put <s5057667@xxxxxxxxxx>
Date: Sun, 27 May 2012 16:07:01 +0200
Hi,

I'm writing a plugin dissector that is gone dissect data from the mac layer and the adaptation layer.

Which will pass the rest to the 6lowpan dissector in Wireshark.

Everything is running fine, until I get segmented data on the mac layer.

I can't seem to get the reassembly process started.

 

I followed the documentation in the wireshark development guide.

And looked at some other dissectors and briefly looked reassemble functions in the code.

But I can't figure out why the segments aren't being reassembled.

 

I included source and destination address and mode in the pinfo of the packets.

Maybe I'm overlooking some other parameters which are required.

 

Also its confusing wich parameters are actually being expected in some cases.

Because on the next page http://www.wireshark.org/docs/wsdg_html_chunked/ChDissectReassemble.html

In Example 9.14. Reassembling fragments - Part 1

They are referring to "msg_num, /* fragment sequence number */".

Which I think refers to the offset in a reassembled packet where the current segment starts.

 

I didn't include the code to handle the new tvb buffer yet.

I'm first waiting on the "Message Reassembled" message in the info column.

 

I include a screenshot of some of the code and a overview of the variables in Wireshark.

I'm using Wireshark 1.6.5.

If any other information is required I'll provide more.

 

Regards,

Robin Van De Put

Attachment: code.png
Description: PNG image

Attachment: wireshark.png
Description: PNG image