Wireshark-bugs: [Wireshark-bugs] [Bug 11957] New: Fail to decode suspected retransmissions

Date: Mon, 04 Jan 2016 12:20:03 +0000
Bug ID 11957
Summary Fail to decode suspected retransmissions
Product Wireshark
Version 2.0.1
Hardware x86-64
OS Windows 10
Status CONFIRMED
Severity Major
Priority Low
Component Dissection engine (libwireshark)
Assignee [email protected]
Reporter [email protected]

Build Information:
Wireshark 2.0.1 (v2.0.1-0-g59ea380 from master-2.0)

Copyright 1998-2015 Gerald Combs <[email protected]> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.3.2, with WinPcap (4_1_3), with libz 1.2.8, with
GLib 2.42.0, with SMI 0.4.8, with c-ares 1.9.1, with Lua 5.2, with GnuTLS
3.2.15, with Gcrypt 1.6.2, with MIT Kerberos, with GeoIP, with QtMultimedia,
with AirPcap.

Running on 64-bit Windows 10, build 10586, with locale C, with WinPcap version
4.1.3 (packet.dll version 4.1.0.2980), based on libpcap version 1.0 branch
1_0_rel0b (20091008), with GnuTLS 3.2.15, with Gcrypt 1.6.2, without AirPcap.
Intel(R) Core(TM) i5-4310U CPU @ 2.00GHz (with SSE4.2), with 8089MB of physical
memory.


Built using Microsoft Visual C++ 12.0 build 31101

--
Hello,

When decoding a Diameter .pcap where Diameter Watchdog requests are mistakenly
marked as (suspected) retransmissions, the program fails to decode these
retransmissions as Diameter. Standard Diameter TCP port (3868) is used for the
Diameter session establishment.
Wireshark Legacy also shows the same behavior.

Best regards,
Filip


You are receiving this mail because:
  • You are watching all bug changes.