Hi,
I'm playing with the new packetscan.py module from issue 233:
http://code.google.com/p/volatility/issues/detail?id=233
I'm using it against a Windows XP SP2 image and get the following error:
$ volatility packetscan -f IR-XP-PC-20120302-memdump.mem --no-cache
Traceback (most recent call last):
  File "/usr/local/bin/volatility", line 135, in <module>
    main()
  File "/usr/local/bin/volatility", line 126, in main
    command.execute()
  File "/usr/local/lib/python2.7/dist-packages/volatility/commands.py", line 101, in execute
    func(outfd, data)
  File "/usr/local/lib/python2.7/dist-packages/volatility/plugins/packetscan.py", line 100, in render_text
    for source, dest in data:
  File "/usr/local/lib/python2.7/dist-packages/volatility/plugins/packetscan.py", line 91, in calculate
    profile.vtypes.update(ippkt_vtype)
AttributeError: 'WinXPSP2x86' object has no attribute 'vtypes'
Does this module not support XP SP2?
I'm admittedly in over my head, but I'm trying to figure out how to
create a plugin to scan memory for a particular signature, and when
found, parse data following the signature at specified offsets. I was
examining this module as a possible template for my own module. I'm
wondering, is it recommended to create a new vtype when scanning for a
structure in memory?
Thanks,
Mike
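The pattern Mike is asking about (scan for a fixed byte signature, then parse a fixed-layout structure at a known offset from each hit, and reject hits that fail a sanity check) can be shown without Volatility at all. The block below is an added example, not code from this thread or from the Volatility project. It assumes a signature of EtherType 0x0800 immediately followed by the IPv4 version/IHL byte 0x45 (an assumption about what a packet carver might look for, not a statement of what packetscan.py actually does), parses the 20-byte IPv4 header that follows with a struct layout (the stand-alone counterpart of the vtype that the traceback's profile.vtypes.update(...) line is installing), and verifies the header checksum so that random bytes that happen to contain the signature are not reported. The sample buffer is constructed for the example.

```python
import struct

# Assumed signature: EtherType IPv4 (0x0800) followed by version/IHL 0x45.
SIGNATURE = b"\x08\x00\x45"
# The IPv4 header begins 2 bytes into the signature (right after the EtherType).
HEADER_OFFSET = 2

# Fixed IPv4 header layout, big-endian: ver/ihl, tos, total length, id,
# flags+fragment offset, ttl, protocol, checksum, src, dst.
IPV4_HEADER = struct.Struct(">BBHHHBBH4s4s")


def ipv4_checksum(header):
    """One's-complement sum over the header. Returns 0 for a valid header
    (checksum field included), non-zero otherwise."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(">%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def find_all(buf, signature):
    """Yield every offset of signature in buf, including overlapping hits."""
    pos = buf.find(signature)
    while pos != -1:
        yield pos
        pos = buf.find(signature, pos + 1)


def parse_ipv4_at(buf, offset):
    """Parse an IPv4 header at offset; return a dict or None if it fails
    bounds or sanity checks."""
    if offset + IPV4_HEADER.size > len(buf):
        return None  # truncated: not enough bytes for a header
    (ver_ihl, _tos, total_len, ident, _flags_frag,
     ttl, proto, _csum, src, dst) = IPV4_HEADER.unpack_from(buf, offset)
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or offset + ihl > len(buf):
        return None  # not version 4, or header length field is nonsense
    if total_len < ihl:
        return None  # total length cannot be shorter than the header
    if ipv4_checksum(buf[offset:offset + ihl]) != 0:
        return None  # signature matched but the header is not a real one
    return {
        "src": ".".join(str(b) for b in src),
        "dst": ".".join(str(b) for b in dst),
        "protocol": proto,
        "ttl": ttl,
        "id": ident,
        "total_length": total_len,
    }


def scan_buffer(buf, signature=SIGNATURE, header_offset=HEADER_OFFSET):
    """Return [(signature_offset, parsed_header), ...] for every hit that
    survives validation."""
    hits = []
    for pos in find_all(buf, signature):
        rec = parse_ipv4_at(buf, pos + header_offset)
        if rec is not None:
            hits.append((pos, rec))
    return hits


# Constructed sample data. VALID_HEADER carries a correct checksum (0x0a74);
# BAD_HEADER is the same header with the last byte of dst changed, so the
# stale checksum no longer verifies.
VALID_HEADER = bytes.fromhex("4500003c1c46400040060a740a0000010a000002")
BAD_HEADER = bytes.fromhex("4500003c1c46400040060a740a0000010a000003")
SAMPLE = (
    b"\x00" * 7                      # leading junk
    + b"\x08\x00" + VALID_HEADER     # real hit at offset 7
    + b"payload"
    + b"\x08\x00" + BAD_HEADER       # signature matches, checksum fails
    + b"\x08\x00\x45\x00"            # signature at the very end, truncated
)

if __name__ == "__main__":
    for pos, rec in scan_buffer(SAMPLE):
        print("0x%08x %s -> %s proto=%d len=%d" % (
            pos, rec["src"], rec["dst"], rec["protocol"], rec["total_length"]))
```

Of the three signature hits in the sample, only the first is reported: the second is discarded by the checksum, the third by the bounds check. That is the part worth carrying into a Volatility plugin regardless of whether the layout is expressed as a struct format or a vtype: a short signature alone produces false positives in a memory image, so every candidate needs at least one independent validity test before it is emitted.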