Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-bugs: [Wireshark-bugs] [Bug 4945] New: wireshark via ssh -X on ipv6 link-local address

Date: Mon, 28 Jun 2010 06:44:28 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4945

           Summary: wireshark via ssh -X on ipv6 link-local address fails
                    to allow capture
           Product: Wireshark
           Version: SVN
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Normal
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: jsafrane@xxxxxxxxxx


Created an attachment (id=4857)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=4857)
proposed patch

Build Information:
wireshark 1.5.0 (SVN Rev 33348 from /trunk)

Copyright 1998-2010 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.18.9, (64-bit) with GLib 2.22.5, with libpcap 1.0.0, with
libz 1.2.3, without POSIX capabilities, without libpcre, with SMI 0.4.8,
without
c-ares, without ADNS, with Lua 5.1, without Python, with GnuTLS 2.8.5, with
Gcrypt 1.4.5, with MIT Kerberos, without GeoIP, without PortAudio, without
AirPcap.

Running on Linux 2.6.32-36.el6.x86_64, with libpcap version 1.0.0, with libz
1.2.3, GnuTLS 2.8.5, Gcrypt 1.4.5.

Built using gcc 4.4.4 20100611 (Red Hat 4.4.4-8).

--
when using a remote wireshark connected via ssh using link-local ipv6 address
and X tunneling, capture fails.

Steps to Reproduce:
1. ssh -X link_local_ipv6_addr%eth0
2. wireshark
3. start capture

Actual Results:
Invalid capture filter: "not (tcp port 56446 and ip host
fe80::216:41ff:fee4:1d99%eth0 and tcp port 22 and ip host
fe80::216:41ff:fee4:1d99%eth0)"!

That string isn't a valid capture filter (illegal token: %).

Expected Results:
Capture starts

Additional info:
$ set | grep SSH
SSH_CLIENT='fe80::216:41ff:fee4:1d99%eth0 56446 22'
SSH_CONNECTION='fe80::216:41ff:fee4:1d99%eth0 56446
fe80::216:41ff:fee4:1d99%eth0 22'

'%eth0' from these env. variables gets into default filter -> parsing error.

Attached patch removes any %<interface name> from IP addresses when composing
the default filter.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.