Wireshark-dev: Re: [Wireshark-dev] no size information in fixed header-length for tcp_dissect_p
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: Robert Naumann <robert.naumann@xxxxxxxxxxxxxxxxxxxx>
Date: Fri, 08 Jun 2007 08:32:52 +0200
Stephen Fisher wrote: 
On Thu, Jun 07, 2007 at 04:13:09PM +0200, Robert Naumann wrote:

  
in the rfb-protocol i've to dissect i got some zlib-compressed 
FramebufferUpdates. The PDU-header doenst contain any information 
about the compressed data-bytes, so i decided to sniff in the 
compressed data, as there are the lenght information of one compressed 
part is stored.  So i can move on the datastream to the next size 
information until the end of the PDU. My GET_PDU_LEN()- function 
reports the correct size of the hole PDU. Now to the problems i got.
    
Are you trying to dissect the VNC protocol?  I added support for server 
frame buffer updates to the VNC dissector after 0.99.5 was released and 
this includes the ZRLE (Zlib-compressed Run Length Encoding) type.  The 
sub-dissection of the ZRLE uncompressed data is not quite complete 
though.
no its an own rfb-protocol version the company (i work for) adopted for their purposes (not VNC). I dont know how excatly how the VNC protocol works and if there are the same problems i have. But a look at the code maybe helps me.

Steve
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev

Robert