diff options
| -rw-r--r-- | doc/README.xml-output | 4 | ||||
| -rwxr-xr-x | tools/msnchat | 3 |
2 files changed, 5 insertions, 2 deletions
diff --git a/doc/README.xml-output b/doc/README.xml-output index fc1d6e2db2..3a8194f7ff 100644 --- a/doc/README.xml-output +++ b/doc/README.xml-output @@ -177,8 +177,8 @@ Each of these classes has accessors which will return the defined attributes: Protocols and fields can contain other fields. Thus, the Protocol and Field class have a "children" member, which is a simple list of the Field objects, if any, that are contained. The "children" list can be -directly accessed by calling users. It will be empty of this Protocol -or Field contains no Fields. +directly accessed by code using the object. The "children" list will be +empty if this Protocol or Field contains no Fields. Furthermore, the Packet class is a sub-class of the PacketList class. The PacketList class provides methods to look for protocols and fields. diff --git a/tools/msnchat b/tools/msnchat index 722aee0430..b3d177a9e7 100755 --- a/tools/msnchat +++ b/tools/msnchat @@ -227,6 +227,9 @@ class CaptureFile: """Collect the packets passed back from WiresharkXML. Sort them by TCP/IP conversation, as there could be multiple clients per machine.""" + # Just in case we're looking at tunnelling protocols where + # more than one IP or TCP header exists, look at the last one, + # which would be the one inside the tunnel. src_ip = packet.get_items("ip.src")[-1].get_show() dst_ip = packet.get_items("ip.dst")[-1].get_show() src_tcp = packet.get_items("tcp.srcport")[-1].get_show() |