Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-bugs: [Wireshark-bugs] [Bug 4609] New: tcp.options.sack_perm not being used as a field

Date: Mon, 22 Mar 2010 20:34:44 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4609

           Summary: tcp.options.sack_perm not being used as a field
           Product: Wireshark
           Version: 1.2.6
          Platform: x86
        OS/Version: Windows Vista
            Status: NEW
          Severity: Normal
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: martinvisser99@xxxxxxxxx


Created an attachment (id=4442)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=4442)
The attached pcap file, if this bug is fixed, would be displayed if the
following display filter, "tcp.options.sack_perm==1" was applied. Currently it
does not.

Build Information:
Version 1.2.6 (SVN Rev 31702)

Copyright 1998-2010 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.18.5, with GLib 2.22.3, with WinPcap (version unknown),
with libz 1.2.3, without POSIX capabilities, without libpcre, with SMI 0.4.8,
with c-ares 1.7.0, with Lua 5.1, with GnuTLS 2.8.5, with Gcrypt 1.4.5, with MIT
Kerberos, with GeoIP, with PortAudio V19-devel (built Jan 27 2010), with
AirPcap.

Running on 32-bit Windows Vista Service Pack 2, build 6002, with WinPcap
version
4.1.1 (packet.dll version 4.1.0.1753), based on libpcap version 1.0 branch
1_0_rel0b (20091008), GnuTLS 2.8.5, Gcrypt 1.4.5, without AirPcap.

Built using Microsoft Visual C++ 9.0 build 30729

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
TCP packets that are sent during the initial SYN-SYN/ACK handshake often,
though not always, have TCP Option set to permit the other end to use Selective
Acknowledgment (SACK). While this appears to correctly decoded by the current
TCP dissector, it is only displayed as a text item on the tcp.options field.
>From the display filter list there appears to be a defined field called
"tcp.options.sack_perm" that is set aside for this purpose, but is not used.

Please change the dissector so that TCP packets that have the "SACK permitted"
option set (as per the text field, it probably is the hex sequence 0x04 0x02 in
TCP options) set the "tcp.options.sack_perm" field to 1.

The attached pcap file, if this bug is fixed, would be displayed if the
following display filter, "tcp.options.sack_perm==1" was applied. Currently it
does not.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.