https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5121
Summary: Netflow parsing has a problem in sampler ID in case of
v9.
Product: Wireshark
Version: SVN
Platform: All
OS/Version: All
Status: NEW
Severity: Major
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: mohinder.garg@xxxxxxxxx
Created an attachment (id=5068)
--> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=5068)
patch file for the fix
Build Information:
wireshark 1.2.7
Copyright 1998-2010 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GTK+ 2.20.0, with GLib 2.24.0, with libpcap 1.0.0, with libz
1.2.3.3, with POSIX capabilities (Linux), with libpcre 7.8, with SMI 0.4.8,
with
c-ares 1.7.0, with Lua 5.1, with GnuTLS 2.8.5, with Gcrypt 1.4.4, with MIT
Kerberos, with GeoIP, with PortAudio V19-devel (built Feb 18 2010 23:31:11),
without AirPcap.
Running on Linux 2.6.32-24-generic, with libpcap version 1.0.0, GnuTLS 2.8.5,
Gcrypt 1.4.4.
Built using gcc 4.4.3.
--
Sampler ID length in netflow v9 option template data us 2 bytes but in the code
it has been assumed to be one byte long. It results in wrong flowSamplerID
being displayed everytime.
I am attaching the patch for fixing this along with this comment.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.