On Tue, Jan 18, 2000 at 06:39:21PM -0600, Nathan Neulinger wrote:
> I probably should comment out that code... The LDAP decoder doesn't do
> anything yet, as I haven't had a chance to figure out how to use the
> asn1 code.
Doug Lazard's LDAP dissector, which I've just checked into the CVS tree
(and which should thus appear in the next release), appears to correctly
dissect the LDAP packet in the trace in question:
Summary:
No. Time Source Destination Protocol Info
1 0.000000 172.20.104.2 172.20.232.2 LDAP MsgId=3 MsgType=Search Request
Detail:
Frame 1 (113 on wire, 113 captured)
Arrival Time: Jan 17, 2000 08:39:53.6256
Time delta from previous packet: 0.000000 seconds
Frame Number: 1
Packet Length: 113 bytes
Capture Length: 113 bytes
Ethernet II
Destination: 08:00:20:b9:5d:c9 (Sun_b9:5d:c9)
Source: 08:00:20:b6:62:6e (Sun_b6:62:6e)
Type: IP (0x0800)
Internet Protocol
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..00 = Currently Unused: 0
Total Length: 99
Identification: 0xb4af
Flags: 0x04
.0.. = Don't fragment: Set
..0. = More fragments: Set
Fragment offset: 0
Time to live: 255
Protocol: TCP (0x06)
Header checksum: 0x1eb7 (correct)
Source: 172.20.104.2 (172.20.104.2)
Destination: 172.20.232.2 (172.20.232.2)
Transmission Control Protocol, Src Port: 34348 (34348), Dst Port: ldap (389), Seq: 292825328, Ack: 332613267
Source port: 34348 (34348)
Destination port: ldap (389)
Sequence number: 292825328
Acknowledgement number: 332613267
Header length: 20 bytes
Flags: 0x0018 (PSH, ACK)
..0. .... = Urgent: Set
...0 .... = Acknowledgment: Set
.... 0... = Push: Set
.... .0.. = Reset: Set
.... ..0. = Syn: Set
.... ...0 = Fin: Set
Window size: 8760
Checksum: 0x6fff
Lightweight Directory Access Protocol
Message Id: 3
Message Type: Search Request (0x63)
Message Length: 52
Base DN: CLID_IP
Scope: Base (0x00)
Dereference: Never (0x00)
Size Limit: 0
Time Limit: 15
Attributes Only: False
Filter: (login_ip=172.20.24.63)