Wireshark
the world's foremost network protocol analyzer
Wireshark-users: Re: [Wireshark-users] ipv6 unknown extension header
From: Martin d Anjou <point14@xxxxxxxx>
Date: Thu, 6 Nov 2008 22:32:40 -0500 (EST)
Is wireshark able to "jump" over the unknwon extension header (using the Hdr Ext Len) and keep searching for next headers and eventually find L4 protocols like TCP?No - is anything *else* able to do so? [explanation deleted] This doesn't seem to suggest that skipping over unknown headers is necessarily the right thing to do.
I agree with your conclusion. An "unknown" ipv6 extension header could be a new layer 4 protocol, or a new ipv6 extension header whose second byte is not the Hdr Ext Len, which makes "jumping over it" the wrong thing to do.
And like you, I don't see any "correct" thing to do with unknown ipv6 extension header, so it does not seem like Sake Blok's "fix" is the right thing to do either:
I committed a patch in SVN 26722 that fixes this issue...
Sorry Sake... Although I can probably use your commit to patch my local copy for the time being, so thanks a lot for that!
Now, any advice for me? Write a dissector for my "unknown" extension header therefore making it a known one? I am just trying to put out an extension header whose length I can control easily, but the content does not matter.
Thanks, Martin
- References:
- [Wireshark-users] ipv6 unknown extension header
- From: Martin d Anjou
- Re: [Wireshark-users] ipv6 unknown extension header
- From: Guy Harris
- [Wireshark-users] ipv6 unknown extension header
- Prev by Date: Re: [Wireshark-users] tshark creates files in temp dir
- Next by Date: Re: [Wireshark-users] ipv6 unknown extension header
- Previous by thread: Re: [Wireshark-users] ipv6 unknown extension header
- Next by thread: Re: [Wireshark-users] ipv6 unknown extension header
- Index(es):