Wireshark-users: Re: [Wireshark-users] IP Options TimeStamp

From: Jaap Keuter <jaap.keuter@xxxxxxxxx>
Date: Mon, 16 Aug 2010 09:18:19 +0200
Hello,

Obvious question, since this is the Wireshark Users forum, not the TCPDump forum: What does Wireshark tell you when loading this capture?

Thanks,
Jaap

On 08/16/2010 08:40 AM, vyaaghrah-wire@xxxxxxxxx wrote:
Hi Everybody

below is the o/p from tcpdump

06:31:23.417329  In IP (tos 0x0, ttl  64, id 0, offset 0, flags [none], proto:
TCP (6), length: 46, optlength: 4 ( TS{[bad ptr 0]TSONLY} )) 1.1.1.2.30583>
10.1.1.1.23: . 0:2(2) win 0

06:31:23.417358 Out IP (tos 0x0, ttl 255, id 41672, offset 0, flags [DF], proto:
ICMP (1), length: 60) 10.1.1.1>  1.1.1.2: ICMP parameter problem - octet 22,
length 40
         IP (tos 0x0, ttl  64, id 0, offset 0, flags [none], proto: TCP (6),
length: 46, optlength: 4 ( TS{[bad ptr 0]TSONLY} )) 1.1.1.2.30583>  10.1.1.1.23:
[|tcp]


I am trying to generate a IP Option packet(using IXIA) with Time Stamp Set but i
am getting this  error[optlength: 4 ( TS{[bad ptr 0]TSONLY} ))]  what the error
suggest i am missing anything from the packet. The packet is getting counted as
bad ip option.

Kindly suggest.


Regards
Abhijeet.C