I am continuing working on the new dissector for the exec/rexec
protocol. I am now able to extract the first few variable length null
terminated fields. The next problem is that these initial fields
(username, password, etc.) span multiple packets. At first, I was
thinking that I could just use a variable to keep track of how far into
the connection I had been and continue dissecting fields there.
However, I think that using the conversation dissection routines would
work better in this case (right?), especially since there could be
multiple users connected.
I have read through the packet-rlogin.c dissector and README.developer,
but I am still a bit unclear on how to use the conversation handling
routines. Can anyone recommend a simple dissector that uses
conversations that I could refer to? I am currently using
tvb_get_ephemeral_stringz() to pull fields out of tvb. Would the
conversation routines give me a new data structure like tvb that
contains data from each of the packets strung together? If not, could I
use tvb_get_ephemeral_stringz() to pull fields out of the conversation?
Thanks!
Steve
_______________________________________________
Ethereal-dev mailing list
Ethereal-dev@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-dev
