Hi,
Can anybody help me with packet reassembly?
I’ve been working with Wireshark 1.8 ‘til now and the same scenario worked there just fine.
I’m trying to move into 1.10.7 and reworking the code so it will perform the same dissection.
In the block bellow
fragment_add_seq_check keeps returning NULL into
frag_msg so obvious process_reassembled_data returns NULL as well.
frag_msg = fragment_add_seq_check(&my_fragment_table,
tvb,offset,pinfo,
msg_id,
NULL,
patch_seq,
frag_remaining,
(frag_type !=
FR_LAST));
new_tvb = process_reassembled_data(tvb,offset,pinfo,
"Reassembled Message ",
frag_msg,
&my_frag_items,
NULL,tree);
In an header file I declared:
static
reassembly_table my_fragment_table;
static
const fragment_items
my_frag_items = {
/* Fragment subtrees */
&ett_msg_fragment,
&ett_msg_fragments,
/* Fragment fields */
&hf_msg_fragments,
&hf_msg_fragment,
&hf_msg_fragment_overlap,
&hf_msg_fragment_overlap_conflicts,
&hf_msg_fragment_multiple_tails,
&hf_msg_fragment_too_long_fragment,
&hf_msg_fragment_error,
&hf_msg_fragment_count,
/* Reassembled in field */
&hf_msg_reassembled_in,
/* Reassembled length field */
&hf_msg_reassembled_length,
&hf_msg_reassembled_data,
/* Tag */
"Message fragments"
};
Where
my_fragment_table was initialized by:
reassembly_table_init(&my_fragment_table,&addresses_reassembly_table_functions);
can anyone tell me what I’m doing wrong?
Thanks,
Maayan
