Feature #4820: Wireshark dissector: follow TCP stream - ndn-tools - NDN project issue tracking system

Actions

Copy link

Feature #4820

open

Wireshark dissector: follow TCP stream

Added by Junxiao Shi about 5 years ago. Updated about 5 years ago.

Status:

New

Priority:

Normal

Assignee:

Start date:

Due date:

% Done:

Estimated time:

6.00 h

Description

Currently, ndn.lua interprets each TCP segment individually. As a result, NDN packets crossing TCP segment boundary are lost, and subsequent TCP segment could be decoded incorrectly.
This issue is to register the Wireshark dissector on top of Wireshark's TCP stream reconstruction feature, so that TCP segments are joined together before decoding as NDN protocol.
Packet boundary guess would be necessary only when the packet capture does not include the start of a TCP stream.

Files

20190117.pcap (610 KB) 20190117.pcap

test case from ONL

Junxiao Shi, 01/28/2019 10:25 AM

Actions

Copy link

Updated by Junxiao Shi about 5 years ago

File 20190117.pcap 20190117.pcap added

John DeHart has provided a test case captured on ONL.
Frame 1267-1271 are decoded incorrectly due to missing TCP following feature, as explained in this message.

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

NFD » ndn-tools

Tags

Feature #4820

Wireshark dissector: follow TCP stream

Updated by Junxiao Shi about 5 years ago