https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3631
--- Comment #2 from Ilya Albrekht <ilya.albrekht@xxxxxxxxxxx> 2009-06-29 14:39:14 PDT ---
(In reply to comment #1)
> The priority & protocol fields *are* displayed if the Service Type in the
> Service Info component is Dynamic.
>
> The IETF (expired) draft says:
>
> WCCP2_SERVICE_STANDARD (0).
> Service is a well known service and is described by the Service ID.
> All fields other than Service ID must be zero.
>
> I could take the above to mean that the priority and protocol fields for the
> Standard Service Type are meaningless and thus that's why the author of the
> WCCP dissector explicitly chose not to display them in this case.
>
> (Strictly speaking, to be consistent, it would seem that the flags also
> shouldn't be displayed in this case).
>
> Would it be better to have the dissector just display "unused (must be zero)"
> for these bytes if the Service Type is Standard ?
>
Right, this fields should be 0 in the case of Well-known service type
(WCCP2_SERVICE_STANDARD). But if the service type is WCCP2_SERVICE_STANDARD and
any of those two fields have a non-zero value than Cisco router says that it is
wrong service type and drop such packets.
It was my fault, but I spent more than hour to find it and Squid developers had
the same issue. I found it only after I started to compare packets
byte-by-byte.
I think, it would be good to display "unused (must be zero)" and show message
"Malformed packet" if they have non-zero value for Well-known services.
Thanks,
Ilya Albrekht
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.