https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4014
--- Comment #21 from Chris Maynard <christopher.maynard@xxxxxxxxx> 2010-09-16 07:05:12 PDT ---
(In reply to comment #16)
> id=0x412b, seq=1/256, ttl=64
Looks good to me too.
> As for the identifier field, FreeBSD at least on 8.1-RELEASE sends the
> identifier out as little-endian on a little endian host while Wireshark
> displays it in big endian format. I never realized that the ident field was
> based on the process id, but sure enough on FreeBSD, /usr/src/sbin/ping/ping.c
> does this:
>
> ident = getpid() & 0xFFFF;
Which is a bug of course. Starting with iputils-s20100214, this has been
corrected to:
ident = htons(getpid() & 0xFFFF);
Not sure if FreeBSD has picked this up yet?
> What a pain.
Indeed.
(In reply to comment #20)
> I also changed both representations of the identifier field from BASE_HEX to
> BASE_DEC_HEX for easy reference to Unix process ids.
Nice. It should be obvious through process of elimination that both
"Identifier" and "Sequence number" are the Big Endian representations ... but
should they be changed to "Identifier (BE)" and "Sequence number (BE)" to
explicitly indicate the endian-ness and match their (LE) counterparts?
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
