I am implementing object export for the FTP protocol ( File-> Export Object -> FTP...).
I have got to the point of getting the list of files in the ExportObjectDialog window. However in such window I get an entry for each TCP packet used for the trasmission of each FTP packet. If save each entry and then join the resulting files in the correct order I get the file I am sopposed to. So I am on the right track but am not doing ftp packet reassembly correctly.
I have tried two approaches:
The one explainded in section 2.7.2 of README.dissector. You can find the code at pastebin.com/nkxDUhkv. In order to make reading easier, I have added left several blank lines before and after the reassemble section. I am preatty sure this is the way to go, if this is the case you can skip to the end of the question. However since this approach has not been successful, I am providing details of the second one.
I have followed the instructions given at https://www.wireshark.org/docs/wsdg_html_chunked/ChDissectReassemble.html#TcpDissectPdus and added some extra code I think necessary, based on implementations I have seen of other dissectors.
Please note that I think line
ftpdatafragmented_handle = create_dissector_handle(dissect_ftpdatafragmented, proto_ftpdatafragmented);
should go at the end of
void proto_reg_handoff_ftp(void);
However for some reason such function is not being called. Therefore I have moved the
ftpdatafragmented_handle to
dissect_ftpdata(tvbuff_t tvb, packet_info pinfo, proto_tree *tree).
Please find the relevant code at pastebin.com/wHR2Q1LY. I have upload the whole mofidied FTP dissector code at pastebin.com/jxLUxewm.
Also note that I haven't dealt with conversation and transaction data yet. I will deal with that as soon as I fix packet reassemble.
What am I doing wrong with packet disassemble? Could somebody please help me?
Thank you in advance for your time.
asked 15 Jan '15, 18:48
CrazyL
6●2●2●4
accept rate: 0%
