Wireshark-users: Re: [Wireshark-users] MATE transformations

From: "Luis EG Ontanon" <luis.ontanon@xxxxxxxxx>
Date: Fri, 22 Jun 2007 20:11:18 +0200
I think I know what might be triggering the bug.

I noticed that:
Pdu radius_pdu Proto radius Transport udp/ip {
 Extract port From tcp.port; <====== shouldn't this be udp.port !?!?!?
};

If this fixes the crash I can try to reproduce it with my own captures.

Anyway, you'll find another problem:
Most probably radius uses the same port (src and dst) but you try to
match for the Gop on a pair of ports (which is OK).

If the ports are the same, radius_pdu has only one port attribute (one
characteristic of AVPLs is that there cannot be duplicate AVPs). You
need to add a second AVP for port whenever there's only one, or else
it will never match.

Transform rad_port {
	Match (port, port); // we got two ports that's it!
	Insert (port=0); // we got one port only add a dummy second port
};

and then apply the transform to radius_pdu.



Luis



On 6/22/07, Bernhard Bock <mailinglists@xxxxxxx> wrote:
Luis,

Luis EG Ontanon wrote:
> Can you run it under a debugger and get a backtrace
>
> $ gdb /path_to/tshark
> (gdb) run -V -q file.cap
> -- crashes in the meanwhile
> (gdb) bt


I now upgraded my Linux WS to a self-built 0.99.5. I still cannot
reproduce the error with Linux. With Windows, the crash is reproducible.

Any ideas?

Bernhard

--
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan
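
The port-collapse problem described in the message above, as an added example that is not part of the original thread and not MATE's own code. It is a simplified Python model; the function names, the sample ports, and the reading of "duplicate" as "same name and same value" are assumptions made for illustration.

```python
# Simplified model of the AVPL behaviour described in the message above.
# NOT MATE's implementation: all names here are hypothetical, and "duplicate"
# is assumed to mean an AVP with the same name and the same value.

def make_avpl(pairs):
    """Build an AVPL: an ordered list that never holds the same AVP twice."""
    avpl = []
    for avp in pairs:
        if avp not in avpl:
            avpl.append(avp)
    return avpl

def extract_radius_pdu(src_port, dst_port):
    """Model of 'Extract port From udp.port': one AVP per port field."""
    return make_avpl([("port", src_port), ("port", dst_port)])

def count(avpl, name):
    """Number of AVPs in the list carrying the given attribute name."""
    return sum(1 for n, _ in avpl if n == name)

def rad_port_transform(avpl):
    """Model of the rad_port transform: a PDU that already has two ports is
    left alone; a PDU with one port gets a dummy second port (port=0)."""
    if count(avpl, "port") >= 2:
        return avpl
    return make_avpl(avpl + [("port", 0)])

def gop_key_matches(avpl):
    """Model of a Gop match that requires a pair of port AVPs."""
    return count(avpl, "port") == 2

# Constructed sample PDUs: same source/destination port, and different ports.
SAME = extract_radius_pdu(1812, 1812)
DIFF = extract_radius_pdu(40000, 1812)

if __name__ == "__main__":
    for label, pdu in (("same ports", SAME), ("different ports", DIFF)):
        fixed = rad_port_transform(pdu)
        print(label, pdu, "matches:", gop_key_matches(pdu),
              "| after transform", fixed, "matches:", gop_key_matches(fixed))
```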