It apparently works now, sorry for the noise.

2014-10-29 12:23 GMT+01:00 Matt <matta...@gmail.com>:

> For posterity, here is how I've done it:
> conv = (conversation_t*)g_hash_table_find(
> get_conversation_hashtable_exact(), check_mptcp_token, (gpointer)&token);
>
> I am now looking for a way to debug. printf seems the way (and not
> g_log/Q_INFO?) to go but I need to display the console to see the
> messages and I've been unable to find a way to do so with the Qt version.
> I've set gui.console.open to ALWAYS in .wireshark/preferences (since prefs
> dialog didn't save my changes) but I still have no console. What do I do
> wrong please?
>
> 2014-10-28 14:23 GMT+01:00 Matt <matta...@gmail.com>:
>
>> From what I understand, I need either to redissect with a tcp filter (ie
>> dfilter("tcp") ) but it looks slow. I would rather search through created
>> TCP conversations. My problem is that conversations look saved into
>> different hashtables such as "GHashTable* conversation_hashtable_exact". To
>> compare my token with a key against all TCP connections, I believe I should
>> compare it over the conversations in the 4 hashtables. Is that correct ?
>>
>> 2014-10-28 9:58 GMT+01:00 Matt <matta...@gmail.com>:
>>
>>> >Is that option present in all TCP packets or just in the initial 3-way 
>>> >handshake?  If the former, then you have the problem I described above, 
>>> >with the indicated workaround.
>>> This is one of the problems (and advantages) of these multipath protocols, 
>>> it's easier to evade data capture.
>>> Especially for MPTCP, you have to get all SYN/ACKs to be able to map a 
>>> subflow to an MPTCP
>>> connection, otherwise you can't tell anything (MPTCP exchanges keys/nonces 
>>> to authenticate a subflow during the 3WHS).
>>> I wished to propose expert info in case of packet retransmission (such as 
>>> detecting wrong keys) but it's not mandatory.
>>>
>>> In fact, an MPTCP communication starts with a TCP 3WHS that exchanges some 
>>> cryptographic keys with the TCP option MPTCP_CAPABLE. Then data is sent on
>>> this TCP connection.
>>>
>>> At any time a new TCP connection can be made to join the precedent MPTCP
>>> connection. It is achieved with the establishment of a new TCP connection
>>> with the TCP option MP_JOIN. This TCP option carries tokens derived from
>>> the keys exchanged during the MPTCP connection. So I need to check the
>>> token against all previous keys to see if it matches a previously registered
>>> MPTCP connection.
>>> That's why I need to loop through TCP connections.
>>> find_conversation() returns one conversation based on IP addresses/ports 
>>> but I want to run a check against token/keys and I dunno how to do it.
>>>
>>> Thanks for your help
>>>
>>>
>>>
>>> 2014-10-27 14:47 GMT+01:00 Matt <matta...@gmail.com>:
>>>
>>>> Hi,
>>>>
>>>> I am trying to improve the MPTCP support in the TCP dissector. To
>>>> provide expert infos, I need to identify which host initiated the
>>>> connection (ie sent the SYN). I wonder how to do that, I could use
>>>> tcp_analysis::server_port if ports were guaranteed to be different on
>>>> both sides.
>>>>
>>>> Secondly, I am trying to setup an MPTCP *stream* identifier, similar
>>>> to tcp stream. Indeed a single MPTCP connection can be composed of
>>>> several TCP connections. Thing is to know to which MPTCP stream a TCP
>>>> stream is bound to, I have to check a token (in a TCP option) against
>>>> all MPTCP connections until I find a match. So I need to loop through
>>>> TCP connections. How can I do that?
>>>>
>>>> Regards
>>>> Matt
>>>>
>>>
>>>
>>
>
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@wireshark.org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
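
An added example (not part of the thread, and not Wireshark's code) of the lookup the thread asks about: index each MPTCP connection by the tokens of both MP_CAPABLE keys, so an MP_JOIN token resolves to an MPTCP stream without scanning every TCP conversation. It relies on the RFC 6824 definition of the token as the most significant 32 bits of SHA-1 over the 64-bit key; the class and function names, stream numbers and keys are constructed for illustration.

```python
import hashlib

def mptcp_token(key: bytes) -> int:
    """RFC 6824 token: most significant 32 bits of SHA-1 over the 64-bit key."""
    if len(key) != 8:
        raise ValueError("MPTCP key must be exactly 8 bytes")
    return int.from_bytes(hashlib.sha1(key).digest()[:4], "big")

class MptcpStreamIndex:
    """Token -> MPTCP stream id, filled from MP_CAPABLE handshakes."""

    def __init__(self):
        self._by_token = {}   # 32-bit token -> MPTCP stream id
        self.subflows = {}    # TCP stream id -> MPTCP stream id
        self._next_id = 0

    def on_mp_capable(self, tcp_stream, key_a, key_b):
        """Register both hosts' keys: an MP_JOIN SYN carries the token of
        the host receiving it, so either token may show up later."""
        sid = self._next_id
        self._next_id += 1
        for key in (key_a, key_b):
            # setdefault keeps the first owner if two keys share a token
            self._by_token.setdefault(mptcp_token(key), sid)
        self.subflows[tcp_stream] = sid
        return sid

    def on_mp_join(self, tcp_stream, token):
        """Return the MPTCP stream id, or None when the MP_CAPABLE
        handshake for that token was never captured."""
        sid = self._by_token.get(token)
        if sid is not None:
            self.subflows[tcp_stream] = sid
        return sid

# Constructed sample keys and stream numbers (not taken from a real capture).
KEY_A = bytes.fromhex("0102030405060708")
KEY_B = bytes.fromhex("1112131415161718")

def demo():
    idx = MptcpStreamIndex()
    idx.on_mp_capable(tcp_stream=0, key_a=KEY_A, key_b=KEY_B)
    idx.on_mp_join(tcp_stream=1, token=mptcp_token(KEY_B))
    return idx.subflows

if __name__ == "__main__":
    print(demo())
```

A None result from on_mp_join is the case described in the thread: without the MP_CAPABLE handshake in the capture, the subflow cannot be mapped to an MPTCP connection.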
