Wireshark · Wireshark-dev: Re: [Wireshark-dev] dissect_ip() and check for header length

Wireshark-dev: Re: [Wireshark-dev] dissect_ip() and check for header length

From: Guy Harris <guy@xxxxxxxxxxxx>

Date: Thu, 9 Sep 2010 18:31:54 -0700

On Sep 8, 2010, at 8:47 AM, Petr Sumbera wrote:

> But the problem is that stored packets for *outgoing* traffic doesn't 
> contain "Header length" (it's zero as at layer where it was captured it 
> wasn't filled,

...which means, of course, that no outgoing IPv4 traffic *ever* has IP options.

Otherwise, outgoing IPv4 packets would be undissectable unless the IPv4 header length is available elsewhere; you cannot dissect an IPv4 header unless you know how big it is, as it's not fixed-length (it's a fixed-length 20-byte portion followed by 0 or more bytes of options).

References:
- [Wireshark-dev] dissect_ip() and check for header length
  - From: Petr Sumbera

Prev by Date: [Wireshark-dev] successful build on AIX 5.3
Next by Date: [Wireshark-dev] the filter of FT_NONE
Previous by thread: [Wireshark-dev] dissect_ip() and check for header length
Next by thread: [Wireshark-dev] dissect_ip() and check for header length
Index(es):
- Date
- Thread