http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2575
Summary: Some iFCP packets do not decode before of non-nulls in
bytes 4-7 of header
Product: Wireshark
Version: 1.0.0
Platform: PC
OS/Version: Windows XP
Status: NEW
Severity: Normal
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: fschorr@xxxxxxxxxxx
Build Information:
Compiled with GTK+ 2.12.8, with GLib 2.14.6, with WinPcap (version unknown),
with libz 1.2.3, without POSIX capabilities, with libpcre 7.0, with SMI 0.4.5,
with ADNS, with Lua 5.1, with GnuTLS 1.6.1, with Gcrypt 1.2.3, with MIT
Kerberos, with PortAudio V19-devel, with AirPcap.
Running on Windows XP Service Pack 2, build 2600, with WinPcap version 4.0.2
(packet.dll version 4.0.0.1040), based on libpcap version 0.9.5, without
AirPcap.
Built using Microsoft Visual C++ 6.0 build 8804
--
RFC 4172 section 5.3.1 shows a chart of the iFCP encapsulated Header Format.
It says that bytes 4-7 MUST be zeros. In reality most vendors are putting some
information in these 4 bytes, particularly Nishon. This caused almost all iFCP
packets to not be decoded for this vendor
--
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.