Wireshark-bugs: [Wireshark-bugs] [Bug 5914] "Offset field" value in fragmentation header in "Pac

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Thu, 12 May 2011 20:14:41 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5914

Chris Maynard <christopher.maynard@xxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |INVALID

--- Comment #1 from Chris Maynard <christopher.maynard@xxxxxxxxx> 2011-05-12 20:14:40 PDT ---
The fragment offset field is only the upper-most 13 bits of those 2 bytes,
0x05a9, so if you mask off only those upper-most 13 bits of 0x05a9, you get
0x05a8.  And when you right-shift that value by 3, which you need to do in
order to obtain the numerical value of those 13 bits, you get 0xb5, which in
decimal is 181.

Wireshark is telling you which bits comprise the 2 bytes right in the packet
details pane.  You can also switch the packet bytes pane from hex view to bits
view and see only the 13 bits highlighted.

Those 13 bits are: 0000010110101, which is 2^7 + 2^5 + 2^4 + 2^2 + 2^0, which
is 128 + 32 + 16 + 4 + 1 = 181.

For more information, have a look at
http://tools.ietf.org/html/rfc2460#section-4.5.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.