Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 7250] New: IPv6 filters built from "Protocol Hierarchy Sta

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Fri, 11 May 2012 18:12:52 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7250

           Summary: IPv6 filters built from "Protocol Hierarchy
                    Statistics" dialog not specific
           Product: Wireshark
           Version: 1.6.7
          Platform: x86-64
        OS/Version: Windows 7
            Status: NEW
          Severity: Normal
          Priority: Low
         Component: Wireshark
        AssignedTo: bugzilla-admin@xxxxxxxxxxxxx
        ReportedBy: benedictcc@xxxxxxxxx


Build Information:
Version 1.6.7 (SVN Rev 41973 from /trunk-1.6)

Copyright 1998-2012 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GTK+ 2.22.1, with GLib 2.26.1, with WinPcap (version
unknown), with libz 1.2.5, without POSIX capabilities, without libpcre, without
SMI, with c-ares 1.7.1, with Lua 5.1, without Python, with GnuTLS 2.12.18, with
Gcrypt 1.4.6, without Kerberos, with GeoIP, with PortAudio V19-devel (built Apr 
6 2012), with AirPcap.

Running on 64-bit Windows 7 Service Pack 1, build 7601, with WinPcap version
4.1.2 (packet.dll version 4.1.0.2001), based on libpcap version 1.0 branch
1_0_rel0b (20091008), GnuTLS 2.12.18, Gcrypt 1.4.6, without AirPcap.

Built using Microsoft Visual C++ 9.0 build 21022

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
In the "Protocol Hierarchy Statistics" dialog, one can right-click and build
filters to include/exclude the selected kind of network traffic. However, the
filters built for certain kinds of IPv6 traffic are not specific enough, and
include IPv4 traffic as well.

For example, in a packet capture that contains IPv6 TCP traffic, one should be
able to build a quick filter to view all IPv6 TCP by opening the "Protocol
Hierarchy Statistics", expanding the Internet Protocol Version 6 tree, and
right-clicking on the Transmission Control Protocol.  However, the filter
generated in this manner is "tcp", which also includes IPv4 TCP traffic.

The correct behavior, in my opinion, should be to generate the filter "ipv6 &&
tcp". 

This same non-specific filter generation applies to most other IPv6 traffic
(UDP, HTTP, DNS, etc.), with the exception of ICMPv6, likely since this latter
has a distinctive name.

Thank you for your time, and a wonderful product.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube