https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5846
--- Comment #11 from Bill Meier <wmeier@xxxxxxxxxxx> 2011-04-20 15:30:15 EDT ---
(In reply to comment #10)
> Bill :
> Are you sure if the malformed is v0 header ? and not a buggy utp client ?
> Because the version and type is correct
>
I'm certainly not sure ...
However, if I dissect the malformed frames as V0, they seems to dissect OK (or
at least better than previously).
That is: what appears to be the 10 byte "EXT_EXTENSION_BITS" field in many of
the frames is properly handled and the frames with apparently no extension are
also handled properly.
Also, I think I decided last night that the time fields seemed more reasonable
when the malformed frames were dissected as V0.
Obviously I could be way off base and the frames in the capture could be from a
buggy implementation or there's another format or ...
I'm going to commit my hack; I expect more uTP captures will show up shortly
which will help to see what's really going on (or someone who knows the
protocol will provide additional information).
(I tried installing uTorrent and doing a small download and capturing same; for
some reason I didn't see any uTP packets in the capture).
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.