Wireshark

  • Riverbed Technology
  • WinPcap
the world's foremost network protocol analyzer
  • Wireshark
    • About
    • Download
    • Blog
  • Get Help
    • Ask a Question
    • FAQs
    • Documentation
    • Mailing Lists
    • Online Tools
    • Wiki
    • Bug Tracker
  • Develop
    • Get Involved
    • Developer's Guide
    • Browse the Code
    • Latest Builds

Wireshark-users: Re: [Wireshark-users] cflow v9 dissector oddity

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next


From: Stephen Fisher <stephentfisher@xxxxxxxxx>
Date: Thu, 30 Nov 2006 17:57:43 -0800

On Sun, Nov 26, 2006 at 11:10:05PM -0500, Yann Berthier wrote:

>    On a capture of netflow v9 traffic from 2 routers, where r1 exports
>    data flowsets using template id 257 and template flowsets of said id
>    of 21 fields, and r2 exports a template flowset for id == 257 of 23
>    fields, wireshark (0.99.4) mixes-up the templates when decoding the
>    flowsets from r1 - it uses the last template cached, be it from r1
>    or r2, to decode the data flowsets from r1

This sounds like a problem with the dissector.  Could you file a bug at 
http://bugzilla.wireshark.org/ and attach a capture file that you see 
the problem with?


Steve
  • Follow-Ups:
    • Re: [Wireshark-users] cflow v9 dissector oddity
      • From: Yann Berthier
  • Next by Date: [Wireshark-users] Wireshark on OpenBSD, and using OpenSSL
  • Next by thread: Re: [Wireshark-users] cflow v9 dissector oddity
  • Index(es):
    • Date
    • Thread

Wireshark and the "fin" logo are registered trademarks of the Wireshark Foundation