http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1855
------- Comment #2 from guy@xxxxxxxxxxxx 2007-09-18 20:31 GMT -------
It's more that firewalls and WinPcap don't play well together; I suspect
various UN*X firewalls work better with (BPF, Linux PF_PACKET sockets, DLPI,
etc.).
As for the checksum errors on outgoing packets, that's probably the result of
TCP checksum offloading - outgoing packets are handed to the packet capture
mechanism before they're handed to the network adapter, and those packets have
not had the checksum calculated because the TCP stack is relying on the adapter
to calculate the checksum. (Bad luck for you if the packet gets corrupted
while being transferred between the host and the adapter. :-)) If we can get
the direction of the packet (incoming or outgoing), and get an indication of
whether the adapter does TCP checksum offloading or not, extend *pcap to supply
that information, and use pcap-NG format to store that information, tcpdump and
Wireshark could know whether to trust the checksum on a particular packet.
For now, you can just disable the checksum checking in the preferences for TCP.
--
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.