Can you expand your question, over what protocol are these packets running, are they sequential, fragmented, anything else you can think of to explain the issue.
These packets are running over UDP. I'm still fairly new to wireshark, so I'm still not familiar with some terms, like "sequential" or "fragmented". When I was reading the developer's guide section 9.4, I found that if a packet is too large, it can be split, and the data is spread between multiple packets. To do my dissection, I need to reassemble these split packets. What I want to know, is that is it possible to use the reassembly API to assemble packets that aren't split?
I'm missing something here, if you have the complete packet because it isn't split, why do you need to reassemble?
Note that this is quite an advanced topic for dissectors and there isn't much documentation apart from in the reassembly code itself, and the existing dissectors that use it.
It's for a project, if it isn't possible to apply reassembly to packets that aren't split, then is there another way to dissect multiple packets in a single dissector?
So do you have multiple packets for your protocol inside a single link-layer frame, a single packet for your protocol that is made up from multiple link-layer frames, or both?
Can you expand your question, over what protocol are these packets running, are they sequential, fragmented, anything else you can think of to explain the issue.
These packets are running over UDP. I'm still fairly new to wireshark, so I'm still not familiar with some terms, like "sequential" or "fragmented". When I was reading the developer's guide section 9.4, I found that if a packet is too large, it can be split, and the data is spread between multiple packets. To do my dissection, I need to reassemble these split packets. What I want to know, is that is it possible to use the reassembly API to assemble packets that aren't split?
I'm missing something here, if you have the complete packet because it isn't split, why do you need to reassemble?
Note that this is quite an advanced topic for dissectors and there isn't much documentation apart from in the reassembly code itself, and the existing dissectors that use it.
It's for a project, if it isn't possible to apply reassembly to packets that aren't split, then is there another way to dissect multiple packets in a single dissector?
So do you have multiple packets for your protocol inside a single link-layer frame, a single packet for your protocol that is made up from multiple link-layer frames, or both?