Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 12319] New: IPFix sequence number expectation incorrect.

Wireshark-bugs: [Wireshark-bugs] [Bug 12319] New: IPFix sequence number expectation incorrect.

Date: Mon, 04 Apr 2016 18:32:36 +0000

Bug ID	12319
Summary	IPFix sequence number expectation incorrect.
Product	Wireshark
Version	2.0.2
Hardware	x86
OS	Windows 7
Status	UNCONFIRMED
Severity	Major
Priority	Low
Component	Common utilities (libwsutil)
Assignee	[email protected]
Reporter	[email protected]

Created attachment 14466 [details]
Capture for IPFix

Build Information:
Version 2.0.2 (v2.0.2-0-ga16e22e from master-2.0)

Copyright 1998-2016 Gerald Combs <[email protected]> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.3.2, with WinPcap (4_1_3), with libz 1.2.8, with
GLib 2.42.0, with SMI 0.4.8, with c-ares 1.9.1, with Lua 5.2, with GnuTLS
3.2.15, with Gcrypt 1.6.2, with MIT Kerberos, with GeoIP, with QtMultimedia,
with AirPcap.

Running on 64-bit Windows 7 Service Pack 1, build 7601, with locale C, with
WinPcap version 4.1.3 (packet.dll version 4.1.0.2980), based on libpcap version
1.0 branch 1_0_rel0b (20091008), with GnuTLS 3.2.15, with Gcrypt 1.6.2, without
AirPcap.
Intel(R) Xeon(R) CPU E5-1620 v3 @ 3.50GHz (with SSE4.2), with 8116MB of
physical
memory.


Built using Microsoft Visual C++ 12.0 build 40629

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
According to RFC https://tools.ietf.org/html/rfc7011#section-4.1, the IPFix
sequence number should increment for data record, while the sequence number
should not be incremented for template.

To reproduce at problem, open the capture and decode as CFlow.  Packet #8 has
the correct expected sequence number (53).  However, it expects packet #10 to
have sequence number as 55.  It should be 54 as it is the next packet after
packet #8.

You are receiving this mail because:

You are watching all bug changes.

Follow-Ups:
- [Wireshark-bugs] [Bug 12319] IPFix sequence number expectation incorrect.
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12319] IPFix sequence number expectation incorrect.
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12319] IPFix sequence number expectation incorrect.
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12319] IPFix sequence number expectation incorrect.
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 12316] USBPcap prevents keyboard from working
Next by Date: [Wireshark-bugs] [Bug 12297] Segment Routing Extension in OSPF
Previous by thread: [Wireshark-bugs] [Bug 5575] Patch to fix memory leaks/errors in Lua plugin
Next by thread: [Wireshark-bugs] [Bug 12319] IPFix sequence number expectation incorrect.
Index(es):
- Date
- Thread