Comment # 7
on bug 11452
from Hadriel Kaplan
Sorry I should have re-opened this bug; there are actually several bugs logged
in my head that need to be opened and resolved for pcapng. But right now I'm
working on generating test pcapng files for the various scenarios, so I can add
them to the test suite with the bug fix deliveries.
Some other bugs logged in my head that I will eventually open bugzilla bugs
for:
1) mergecap also assumes all files have at least one IDB. (but see #8 below)
2) for mergecap/capinfos: pcapng's file reading code doesn't get *all* the IDBs
in a file until it reads through the whole file, so mergecap/capinfo's have an
incorrect view of what all the IDBs and linktypes/encaps are in the file.
3) mergecap doesn't merge-copy sutff like SHB comments/os/hardware, IDB
comments, ISBs, etc.
4) pcapng reader adjusts IPv4 addresses using the SHB endianness, which it
shouldn't.
5) pcpang reader doesn't skip extraneous padding - but it's not clear if it
should do so or not yet, since that's not decided for the draft spec.
Not really bugs, but stuff to work on:
5) pcapng reader doesn't handle multiple SHBs. (not a bug, but a known
limitation)
6) the pcpang code needs to be refactored - the code for reading/writing of
options is done again and again in each block, and could be coalesced.
7) wireshark doesn't handle multiple comments.
8) I've been thinking that all wiretap file readers should actually create an
IDB - make that the way it works, by having wtap do it for them if they don't
do it themselves (i.e., just as it currently does it on behalf of legacy pcap
files). But this doesn't mean an IDB will always exist - a truly empty pcapng
file won't have one, for example. But the point is to make wtap be more like a
pcapng file format internally.
You are receiving this mail because:
- You are watching all bug changes.