https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2997
Summary: More complete support for IPFIX RFC 5103 biflows
Product: Wireshark
Version: 1.1.x (Experimental)
Platform: PC
URL: http://tools.ietf.org/html/rfc5103#section-6.3
OS/Version: All
Status: NEW
Severity: Enhancement
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: alex.dupuy@xxxxxxx
Depends on: 2764
Alexander Dupuy <alex.dupuy@xxxxxxx> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #2398| |review_for_checkin?
Flag| |
Created an attachment (id=2398)
--> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=2398)
patch to wireshar subversion trunk to add support for IPFIX biflowDirection
template element
Build Information:
Version 1.1.2 (SVN Rev 26513)
Compiled with GTK+ 2.10.14, with GLib 2.12.13, with libpcap 0.9.7, with libz
1.2.3, with POSIX capabilities (Linux), with libpcre 7.3, without SMI, without
c-ares, with ADNS, without Lua, with GnuTLS 1.6.3, with Gcrypt 1.2.4, without
Kerberos, without PortAudio, without AirPcap.
Running on Linux 2.6.23.17-88.fc7, with libpcap version 0.9.7.
Built using gcc 4.1.2 20070925 (Red Hat 4.1.2-27).
--
Although the patch submitted with bug #2764 improves IPFIX decoding
dramatically (Thanks!) there was one small issue that was overlooked.
Specifically, RFC 5103, in addition to specifying the use of the special PEN
(Private Enterprise Number) to mark reverse-direction fields, also introduced a
new template element, biflowDirection (239).
I have attached a small patch that addresses this oversight by adding decode
support for this template element.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
