https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6854
--- Comment #11 from Bill Meier <wmeier@xxxxxxxxxxx> 2012-04-09 07:19:46 PDT ---
(In reply to comment #8)
> Definitely looks better (and I agree that this dissector was already a
> substantial piece of work).
>
> Issues I noticed in this version:
>
> 1. The dissector doesn't recognize a local-mode Read Buffer command. This
> appears as a record with only a single byte of Telnet data, with the value 02,
> followed by the Telnet EOR sequence and optionally preceded by the TN3270E
> five-byte header. So it typically looks like this in the data stream:
>
> 00 00 00 00 00 02 ff ef
>
> The dissector interprets it as:
>
> TN3270 Protocol
> TN3270E Header (Data Type: 3270_DATA)
> Bogus value: 2
> Command: End of Record
>
> which is correct except for the "Bogus value" bit. 2 is a legal 3270 command;
> it's Read Buffer for locally-attached terminals. (See the IBM 3174 Functional
> Description, section 2.1.4.)
>
> The problem seems to be in dissect_outbound_stream() in tn3270-packet.c, which
> doesn't include any of the outbound 3270 read commands in its switch statement.
>
>
Fixed in SVN #41987
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
