On Fri, Jun 20, 2008 at 6:26 PM, Guy Harris <[EMAIL PROTECTED]> wrote:
> Thomas Boehne wrote:
> > I followed the README.request_response_tracking to add
> > request/response tracking to a UDP based protocol, but the protocol
> > sometimes sends multiple responses to a single request. Does anybody
> > know of a dissector that handles this case properly, so that I could
> > take a look at the code?
>
> I don't know of any. I don't know of many protocols where multiple
> responses are sent to a single request (other than responses sent to
> retransmitted requests).
>
SIP is an example. A single request may have one or more provisional
responses e.g. progress, ringing, before the final response is received.
Responses currently track back to the request (and show a response time),
but the request doesn't currently track forward to its response(s).
There I wasn't sure if I should have a different filter for the first
resonse time (since this is the one that is probably of most interest),
possibly also the last. I also considered adding a generated field to
responses to say that they are the nth response to the same request. This
would let someone isolate the first responses if they wanted to, e.g.
sip.response.nth == 1
> > Or is it basically just a matter of extending the pana_transaction_t
> > struct (see below) to handle a list of replies, and then iterate
> > through it?
> >
> > typedef struct _pana_transaction_t {
> > guint32 req_frame;
> > guint32 rep_frame;
> > nstime_t req_time;
> > } pana_transaction_t;
>
> I.e., instead of a guint32 rep_frame, have a list of frames, or a GArray
> of frame numbers, or something such as that?
>
That's pretty much what I had in mind to do for SIP.
>
> That's probably the right answer.
> _______________________________________________
> Wireshark-dev mailing list
> Wireshark-dev@wireshark.org
> https://wireshark.org/mailman/listinfo/wireshark-dev
>
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
https://wireshark.org/mailman/listinfo/wireshark-dev
