Wireshark-dev: Re: [Wireshark-dev] RUDP Plugin functional ?
From: "Jan Kokott" <Blind007@xxxxxx>
Date: Mon, 15 Jan 2007 21:54:30 +0100
That is correct. 
And as I said, I modified the packet to the definition of RUDP (rfc908 Chapter 4). The only thing that is unmodified is the IP and Ethernet Header.(with the modification in the Type declaration).
As much as i understand of RUDP it is also encapsulated in IP so I added the Information to the existing body.
Did anybody test the plugin recently ?
I just wanted to know if it does what it´s supposed to do and why it analyses my packet, regardless of the plugin being installed or the plugin removed.




-------- Original-Nachricht --------
Datum: Mon, 15 Jan 2007 20:07:22 +0100
Von: Andreas Fink <afink@xxxxxxxxxxxxx>
An: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Betreff: Re: [Wireshark-dev] RUDP Plugin functional ?

> I dont think a TCP Ack packet looks any similar to a RUDP ACK packet.
> Simply because RUDP is a UDP packet and then a IP packet while a TCP  
> ACK packet is a IP packet. Also the structuring of ACK packets in  
> RUDP and TCP are totally different.
> 
> On 15.01.2007, at 17:57, Jan Kokott wrote:
> 
> > Hi,
> >
> > is the RUDP Plugin working ?
> > I am trying around a bit with it in order to see how my own  
> > dissector should work.
> > I tried to build a little rudp-ack packet out of a tcp-ack packet  
> > which I modified with an editor(Protocol-Type 0x1b...).
> > The Info column says "Reliable Data (ox1b)" but that´s all.
> > The Ethernet and IP Header are fragmented correctly, but everything  
> > after the Destination IP is marked as "Data".
> > When I delete the .la and the .so from the plugin folder, rudp isn 
> > ´t listed in the plugin section anymore.
> > But Wireshark displays the same info about my packet "Reliable Data  
> > (ox1b)" and insists on "Data" instead of reading the rudp Header.
> > I was just playing around with an easy to understand plugin in  
> > order to get my own up and working.
> >
> > Greetz   Jan
> > _______________________________________________
> > Wireshark-dev mailing list
> > Wireshark-dev@xxxxxxxxxxxxx
> > http://www.wireshark.org/mailman/listinfo/wireshark-dev
> 
> 
> 
> 
> 
> Andreas Fink
> 
> Fink Consulting GmbH
> Global Networks Schweiz AG
> BebbiCell AG
> 
> ---------------------------------------------------------------
> Tel: +41-61-6666330 Fax: +41-61-6666331  Mobile: +41-79-2457333
> Address: Clarastrasse 3, 4058 Basel, Switzerland
> E-Mail:  andreas@xxxxxxxx
> www.finkconsulting.com www.global-networks.ch www.bebbicell.ch
> ---------------------------------------------------------------
> ICQ: 8239353 MSN: msn1@xxxxxx AIM: smsrelay Skype: andreasfink
> Yahoo: finkconsulting SMS: +41792457333
> 
> 
> 
> 
>