Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 1047] New: 64bit counters in SNMP response do not show cor

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Mon, 21 Aug 2006 14:49:27 +0000 (GMT)
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1047

           Summary: 64bit counters in SNMP response do not show correct
                    values
           Product: Wireshark
           Version: SVN
          Platform: PC
        OS/Version: Windows 2000
            Status: NEW
          Severity: Major
          Priority: Medium
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: vip@xxxxxxxxxx
                CC: vip@xxxxxxxxxx


Wireshark does not appear to correctly handle 64bit counters that are part of
an SNMP Get-response.  Exactly how the values appear in the GUI differs between
the different versions of Wireshark.  Sometimes, it shows just the SNMP object,
and then a value, without breaking it down into "application-wide:
big-counter-value" etc..  and just showing OID, and result.. such as 

    Object identifier 1: 1.3.6.1.2.1.31.1.1.1.6.1 (IF-MIB::ifHCInOctets.1)
    Value: 34458900

With this version, if a single OID is requested using an SNMP GET, then the
result in the value: appears to be correct. If, however, a larger pdu is
requested then the values appear garbled where the 64bit counter begins.  A
sample output of this is as follows :

    Object identifier 6: 1.3.6.1.2.1.31.1.1.1.6.26 (IF-MIB::ifHCInOctets.26)
    Value :
0x003010060b2b060102011f010101071a4601003010060b2b060102011f010101081a4601003010060b2b060102011f010101091a4601003010060b2b060102011f0101010a1a4601003010060b2b060102011f0101010b1a4601003010060b2b060102011f0101010c1a4601003010060b2b0

Alternatively with other versions of Wireshark, the output looks like this;

               Item
                    name: 1.3.6.1.2.1.31.1.1.1.10.26 (IF-MIB::ifHCOutOctets.26)
                    valueType: value (0)
                        value: simple (4294967295)
                        value: simple (4294967295)
                            application-wide: big-counter-value (6)
                                big-counter-value: 943451628


Here, I've never been able to get a correct value represented.  While it
doesn't show up garbled as in the previous case, the values are always
incorrect.

I'll attach a sample capture file, and the actual expected results as visible
from the mib-walk tool for reference.

If you need additional info, please feel free to contact me at vip@xxxxxxxxxx

Thanks.

Vip.


-- 
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube