Hi, Now i'm writing dissector for some kind of traffic. I'm already got basic knowledge in dissector writing, so first primitive version was already done. But now, when I try to complete fully featured version of dissector I got many trobles with routine. So I'm looking for good advice from experienced developers. First of all, let me describe my traffic a little: - most part of traffic is crypted(with rc4)+compressed(with mppc), not crypted is only few start frames; - few start frames(or packets) have rc4 key inside itself;
So I do next. When I dissect traffic, i looking for first frames, reads rc4 keys from it and put it into static variable, so all other frames(packets) now can be correct decrypted. But I need to decompress(with MPPC), and here I got my troubles, cause I can decompress only 'linearly' incoming data (this is MPPC specific feature), so I'm stuck here. Please, point me to right way to implement such type of dissector. -- Best regards, Andriy 0xBDDBDAE3
signature.asc
Description: Digital signature
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
