|Main Archive Page > Month Archives > wireshark-dev archives|
2010/8/26 Richard van der Hoff <firstname.lastname@example.org>:
> On Thu, 26 Aug 2010, Frank Lahm wrote:
>> 2010/8/26 Frank Lahm <email@example.com>:
>>> Hi list,
>>> I'm trying to find a way to get at data from a previous request packet
>>> in order to correctly dissect the current packet.
> I only skimmed your code, so it may be that you have this covered already,
> but do remember that your dissector will not always be called with the
> packets in sequential order. (It will be called with each packet in turn
> initially, but will then be called again for each packet the user clicks
> on). So if there's more than one request in the conversation, you need to
> make sure that you are cross-referencing to the right one when dissecting
thanks for chiming in!
As a long time user of the AFP dissector I know that it handles
multiple conversations right. ;)
It's just the first time that I start to make substantial enhancements
to the dissector. Alas, I picked a tough target for a starter: AFP is
completely documented by Apple besided one singel AFP call
FPSpotlightRPC. So I've got to reverse engineer it which turns out to
be a tough task ask the packets are complicated.
Sent via: Wireshark-dev mailing list <firstname.lastname@example.org>