Hi,
is there a common way or best practice of how to add information to the
info column, when there are multiple independent PDUs inside a frame
possible?
Currently I'm first cleaning out the info column with:
col_clear(pinfo->cinfo, COL_INFO);
But at the protocol I'm working on (s7comm), it's possible to have
multiple PDUs inside one frame.
So if you only look at the info column, you'd think there is only one
PDU in this frame (see attachement s7comm-multi-pdu.png), which I think
is not the best way to do this.
But, if it's a TCP reassembled frame, then clearing the info column
seems not to work.
In this case the info-additions from both PDUs are shown (see
attachement s7comm-multi-pdu-with-tcp-reassembling.png).
Is there a way to detect if the info column has entries from my
protocol, and then instead of wiping the column out, attaching "/" or
anything like that?
--
Cheers
Thomas Wiens
Attachment:
s7comm-multi-pdu.png
Description: PNG image
Attachment:
s7comm-multi-pdu-with-tcp-reassembling.png
Description: PNG image
