
Wireshark-bugs: [Wireshark-bugs] [Bug 5541] Custom Window Size Column Shows Two Values and Doesn

Date: Mon, 3 Jan 2011 22:48:56 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5541

--- Comment #9 from Stephen Fisher <steve@xxxxxxxxxxxxxxxxxx> 2011-01-03 23:48:55 MST ---
(In reply to comment #6)
> (In reply to comment #5)
> > The problem I had with the old implementation was that Wireshark showed the
> > scaled value without even putting the [Generated item] brackets around it, and
> > did not show the packet's actual value, leading to extra work and possible
> > confusion when trying to figure out the packet's actual value.
> 
> Indeed, it needed an update :-)

I was also adding the type ("kind") and length around the same time to various
options so people like me who don't remember and those who don't know that is
how TCP options are stored in the packet :).

> The only thing I'm missing is being able to interpret the window_size when it
> is the same as the size_value. This can be caused by three things:

> 2) The particular flow uses a scaling factor of 1

I hadn't thought of that case.

> 3) The 3WHS was not seen by Wireshark and therefore it defaults to using the
> window_size_value as its best bet.
> 
> For 1) and 2) the tcp.window_size shows the correct value used by the two
> endpoints. For 3) the value might not represent the actual value being used by
> the endpoints. It would be nice to be able to distinguish this situation from
> the other two.

Good point.

> This can be either done by changing the value itself (making it 0, -1 or
> -window_size_value), but that would confuse people I'm sure... So having a
> third field that reveals this info would be nice to have.

If only people could think like computers :)

> Stephen, if you do the proposed extra field for tcp.window_size_value, I'll add
> the code for the extra tcp.window_size_scalefactor (unless someone really
> objects to it).

Sure, I'll try to work on this in the morning when the brain is working full
speed again.

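
The ambiguity discussed in this comment, as an added example that is not part of the original message or of Wireshark's code: a per-flow tracker that returns the window together with a scale factor and a status, so that a scale factor of 1 and a handshake missing from the capture no longer look the same. The function, class and status names are hypothetical, and the option bytes are constructed.

```python
def parse_wscale(options: bytes):
    """Return the Window Scale shift count (option kind 3) or None if absent."""
    i = 0
    while i < len(options):
        kind = options[i]
        if kind == 0:                      # End of Option List
            break
        if kind == 1:                      # NOP is a single byte with no length
            i += 1
            continue
        if i + 1 >= len(options):
            break                          # truncated: no length byte
        length = options[i + 1]
        if length < 2 or i + length > len(options):
            break                          # malformed length, stop parsing
        if kind == 3 and length == 3:
            return min(options[i + 2], 14) # RFC 7323 caps the shift at 14
        i += length
    return None


class FlowWindowTracker:
    """Tracks the shift each direction announced in its SYN (hypothetical helper)."""

    def __init__(self):
        self.syn_shift = {}                # (src, dst) -> shift, or None if no option

    def observe(self, src, dst, syn, window_value, options=b""):
        """Return (window_size, scale_factor, status) for one segment."""
        if syn:                            # the window in a SYN is never scaled
            self.syn_shift[(src, dst)] = parse_wscale(options)
            return window_value, 1, "syn"
        if (src, dst) not in self.syn_shift or (dst, src) not in self.syn_shift:
            return window_value, None, "unknown"   # handshake not captured
        mine, theirs = self.syn_shift[(src, dst)], self.syn_shift[(dst, src)]
        if mine is None or theirs is None:
            return window_value, 1, "not-used"     # scaling needs both SYNs to offer it
        return window_value << mine, 1 << mine, "scaled"


# Constructed sample options: MSS 1460, NOP, Window Scale with shift 7 / shift 0
OPTS_SHIFT7 = bytes.fromhex("020405b401030307")
OPTS_SHIFT0 = bytes.fromhex("020405b401030300")
```

In the "unknown" case the returned window is only the raw header value, and the `None` scale factor is what tells a reader not to trust it as the window the endpoints are actually using.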