Re: Dissector skipping packets

[Stephen Fisher <steve () stephen-fisher com>]

On Tue, May 04, 2010 at 10:45:38PM -0700, Craig Bumpstead wrote:

> example: Packet Type 0
> Trans type

> I'm not sure how to have different paths for decoding of packets. Any 
> ideas of the protocol that I should look at for this type of decode?

If every packet contains a packet type (is that what "trans type" is 
above?), then you can use a switch() statement after obtaining the 
packet type:

- Set a variable to the packet type using tvb_get_guint8 for an 8-bit 
integer or tvb_get_ntohX where X is 's' for 16-bit, "24" for 24-bit, 'l' 
for 32-bit or "64" for 64-bit unsigned assuming that the integer is in 
typical network byte order ("big endian").  There are also functions for 
little endian byte order: replace the 'n' after '_' with "le":

    guint8 packet_type;

    packet_type = tvb_get_guint8(tvb, 0);


- Use #define statements to make associate packet type names with the 
integers they are designated by for easier code reading (for example):

    #define AUTH_REQUEST 0
    #define AUTH_REPLY 1


- Use a switch statement:

    switch(packet_type) {
        case AUTH_REQUEST :
            ...
            break;

        case AUTH_REPLY :
            ...
            break;

        default :
            ... (state that it is an unknown packet type)
            break;
     }


-- 
Steve
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe