http://anonsvn.wireshark.org/viewvc/viewvc.cgi?view=rev&revision=23230
User: sake
Date: 2007/10/19 09:50 AM
Log:
From Andrew Feren:
sFlow datagrams can contain sampled headers from conversations on the network.
Often it is convenient to have wireshark dissect these payload headers, but
doing so can also have undesirable side effects. Dissected payload headers may
match filters looking for header fields that also happen to occur in the
payload. This can cause surprising results.
Also TCP analysis will almost always flag errors on sampled headers. They are,
after all, just a sample and many sequence numbers are sure to be missing.
There is probably a more general way to resolve these issues, but adding
preferences to enable/disable tcp analysis and dissection of sampled headers
will be a good start. This will make it possible to examine the details of
sampled headers if desired or to disable dissection if the side effects of
dissecting sampled headers cause issues.
Directory: /trunk/epan/dissectors/
Changes Path Action
+93 -17 packet-sflow.c Modified
