This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How to dissect a customer protocol which is built over another customer protocol with lua

0

Hello all Recently I was asked to dissect some customer protocols with lua.There are two customer protocols named A and B.Protocol A was built over TCP while B was built over A. The problem is that each of them could be fragmented and resembled, A could be fragmented by TCP,B could be fragmented by A,which makes me almost go crazy .So,can someone can help me? thanks a lot!!!

asked 19 Jun '15, 02:38

DavidNorth's gravatar image

DavidNorth
16336
accept rate: 0%

What is the format of the "A" protocol - in particular, does it have a length field at a fixed location, hopefully somewhere early on in its format? If so, getting it to be reassembled is fairly easy. If not, then it's harder. But the answer to that affects the answer to the whole thing, so we need to know that before getting into the rest of it.

(27 Jun '15, 17:21) Hadriel