Wireshark-bugs: [Wireshark-bugs] [Bug 3907] New: EIGRP dissector enhancements (IPv6, Stub routin

Date: Mon, 17 Aug 2009 12:29:29 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3907

           Summary: EIGRP dissector enhancements (IPv6, Stub routing,
                    Authentication TLVs)
           Product: Wireshark
           Version: SVN
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Major
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: jochen.bartl@xxxxxxxxx


Build Information:
wireshark 1.3.0 (SVN Rev 29455 from /trunk)

Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.16.1, with GLib 2.20.1, with libpcap 1.0.0, with libz
1.2.3.3, with POSIX capabilities (Linux), with libpcre 7.8, with SMI 0.4.7,
without c-ares, with ADNS, with Lua 5.1, without Python, with GnuTLS 2.4.2,
with Gcrypt 1.4.1, with MIT Kerberos, with GeoIP, with PortAudio V19-devel
(built Mar  4 2009), without AirPcap.

Running on Linux 2.6.28-15-generic, with libpcap version 1.0.0, GnuTLS 2.4.2,
Gcrypt 1.4.1.

Built using gcc 4.3.3.
--
The code includes the following changes to the EIGRP dissector
(packet-eigrp.c):

- IPv6 internal / external route TLVs
- Authentication TLV
- EIGRP Stub routing TLV
- Replaced nearly all proto_tree_add_text with proto_tree_add_item
- Reformatted code

I have uploaded 3 new pcap files, which can be used to verify the newly added
functionality. You can find them on the SampleCaptures page or on the EIGRP
protocol page in the Wiki. http://wiki.wireshark.org/EIGRP

The fuzzing test with fuzz-test.sh -p 1000 and the 3 pcap files didn't crash
the dissector.

There are still some items on my todo / wishlist for this dissector:

- Display filters for
        * destination field in internal / external route updates
        * dissect_eigrp_sv, IOS / EIGRP version
- EIGRP header checksum validation (Expert info, ...)
- 0x0007 TLV
        * eigrp-for-ipv6-auth.pcap (pkts 426, 427)
        * type: 2 octets
        * size: 2 octets
        * addr_len: 1 octet
        * variable length address field depending on addr_len field
        * Not sure what this TLV is good for
- Detect packet loss / retransmissions via seq/ack numbers

I'll implement those things when I have more experience with the WS source
code. But it would also be great to team up with other people to implement
these features.

Just let me know when there is a problem with the patch.

Best Regards,

Jochen
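
The field layout listed above for the 0x0007 TLV (type, size, addr_len, variable-length address), written as a bounds-checked parser. This is an added example, not code from the submitted patch or from packet-eigrp.c. It assumes network byte order and that the size field counts the 4-octet type/size header; parse_tlv7, struct tlv7 and ADDR_MAX are hypothetical names.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define TLV_HDR_LEN 4   /* type (2 octets) + size (2 octets) */
#define ADDR_MAX    16  /* assumption: nothing longer than an IPv6 address */

struct tlv7 {
    uint16_t type;
    uint16_t size;
    uint8_t  addr_len;
    uint8_t  addr[ADDR_MAX];
};

/* Read a 16-bit big-endian value (assumed byte order). */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Returns the octets consumed (the size field), or -1 if the TLV is malformed.
 * 'remaining' is how many captured octets are left starting at buf. */
int parse_tlv7(const uint8_t *buf, size_t remaining, struct tlv7 *out)
{
    if (remaining < TLV_HDR_LEN + 1)
        return -1;                      /* no room for type, size, addr_len */
    out->type     = rd16(buf);
    out->size     = rd16(buf + 2);
    out->addr_len = buf[4];

    if (out->type != 0x0007)
        return -1;
    /* size comes from the wire: it must cover the fixed fields and must
     * not run past the end of the captured data. */
    if (out->size < TLV_HDR_LEN + 1 || out->size > remaining)
        return -1;
    /* addr_len comes from the wire too: the address must fit inside this
     * TLV and inside the destination buffer before anything is copied. */
    if (out->addr_len > ADDR_MAX ||
        (size_t)out->addr_len > (size_t)out->size - TLV_HDR_LEN - 1)
        return -1;

    memcpy(out->addr, buf + TLV_HDR_LEN + 1, out->addr_len);
    return out->size;
}
```

The two length checks are the part worth keeping in a real dissector: both size and addr_len are sender-controlled, so each is validated against the data actually captured before the address is read.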

