-----Original Message-----
From: Guy Harris <guy@xxxxxxxxxxxx>
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Sent: Fri, Jul 4, 2014 1:32 pm
Subject: Re: [Wireshark-dev] Should dissect_tcp_pdus be used as much as possible?
On Jul 4, 2014, at 1:36 AM, Peter Wu <peter@xxxxxxxxxxxxx> wrote:
> Should reassembly be enabled in as many TCP protocols as possible?
Yes.
> That is, is it desirable that TCP-based protocols use dissect_tcp_pdus with
> reassembly set to true?
That is a different question.
TCP-based protocols *where the data stream is broken up into PDUs, and the size
of a PDU is always >= N, for some value of N > 0, and where the length of the
PDU can always be calculated from the contents of the first N bytes of the
protocol*, should use tcp_dissect_pdus with the reassembly parameter either
hardwired to TRUE or passed as a user-configurable parameter that defaults to
TRUE.
(That could be simplified to "should TCP-based protocols use tcp_dissect_pdus,
*if possible*, with a default setting of "do reassembly?", to which the answer
is "yes".)
However, not all TCP-based protocols are like that; HTTP, for example, isn't,
and it uses different helper routines (see epan/req_resp_hdrs.[ch]).
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
