[prev in list] [next in list] [prev in thread] [next in thread] 

List:       wireshark-bugs
Subject:    [Wireshark-bugs] [Bug 1579] New: Netflow Dissector - cannot decode
From:       bugzilla-daemon () wireshark ! org
Date:       2007-04-26 16:56:55
Message-ID: bug-1579-15 () http ! bugs ! wireshark ! org/bugzilla/
[Download RAW message or body]

http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1579

           Summary: Netflow Dissector - cannot decode v9 options - patch
                    provided
           Product: Wireshark
           Version: SVN
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Major
          Priority: Medium
         Component: Wireshark
        AssignedTo: wireshark-bugs@wireshark.org
        ReportedBy: olivier.montanuy@orange-ftgroup.com


Build Information:
TShark 0.99.5

Copyright 1998-2007 Gerald Combs <gerald@wireshark.org> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GLib 2.12.4, with libpcap 0.9.5, with libz 1.2.3, with libpcre
6.7, with Net-SNMP 5.2.3, with ADNS, without Lua, without GnuTLS, without
Gcrypt, without Kerberos.

Running on Linux 2.6.17-2-686, with libpcap version 0.9.5.

Built using gcc 4.1.2 20061115 (prerelease) (Debian 4.1.1-21).

--
Netflow dissector epan/dissector/packet-netflow.c
cannot decode correctly the Netflow v9 Options, because it does not take into
account the option scope of the option template.
Options are used by Cisco IOS, IOS-XR and Huawei VRP to report the sampling
rate, the ifName and ifDescr of the interfaces.

So I propose a patch that:
- decodes options correctly
- adds a few Netflow v9 types, as found in Cisco Flexible Netflow IOS 12.4T
- prints the unknown netflow types in hexa (useful for tshark)


-- 
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
_______________________________________________
Wireshark-bugs mailing list
Wireshark-bugs@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-bugs

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic