How is it possible to regroup packets (for example the same http request is divide in many packets)?
I'm looking for code samples / doc.
You need a TCP segment reassembler. There isn't one yet. After I get the 1.2 release into production status, I will be adding a ton of new protocols and IP and TCP reassemblers.
Here is a working tutorial that explains how IP reassembly can be done though:
Dear all,
In IP fragment reassembly example I noticed it works only under assumption that IP packets are sent in right order. For instance, if we take the second example from wikipedia page (http://en.wikipedia.org/wiki/IPv4#Fragmentation_and_reassembly), and we send, in order, the first fragment, the third, the second and finally the fourth... something goes wrong. I'm right?
Giancarlo
Actually the example will work with out of order fragments. It uses Ip4.offset() * 8 for offset and Ip4.length - Ip4.hlen() * 4 as length of the fragment and copies it into the reassembly buffer. It gets the total length of the reassembled datagram when it finds the last fragment, no matter what order it was found in.
Ip4 reassembly was only used as an example of jnetpcap usage. I have the real Ip4 reassembler already working and it will be released in rc5. Its very much different.