https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5914
Chris Maynard <christopher.maynard@xxxxxxxxx> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
--- Comment #1 from Chris Maynard <christopher.maynard@xxxxxxxxx> 2011-05-12 20:14:40 PDT ---
The fragment offset field is only the upper-most 13 bits of those 2 bytes,
0x05a9, so if you mask off only those upper-most 13 bits of 0x05a9, you get
0x05a8. And when you right-shift that value by 3, which you need to do in
order to obtain the numerical value of those 13 bits, you get 0xb5, which in
decimal is 181.
Wireshark is telling you which bits comprise the 2 bytes right in the packet
details pane. You can also switch the packet bytes pane from hex view to bits
view and see only the 13 bits highlighted.
Those 13 bits are: 0000010110101, which is 2^7 + 2^5 + 2^4 + 2^2 + 2^0, which
is 128 + 32 + 16 + 4 + 1 = 181.
For more information, have a look at
http://tools.ietf.org/html/rfc2460#section-4.5.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.