| Bug ID |
12265
|
| Summary |
RPC/NFS incorrectly decodes as ACAP
|
| Product |
Wireshark
|
| Version |
2.0.1
|
| Hardware |
x86
|
| OS |
All
|
| Status |
UNCONFIRMED
|
| Severity |
Major
|
| Priority |
Low
|
| Component |
Dissection engine (libwireshark)
|
| Assignee |
[email protected]
|
| Reporter |
[email protected]
|
Created attachment 14418 [details]
TCP stream containing RPC NFS traffic
Build Information:
$ tshark -v
TShark (Wireshark) 2.0.1 (SVN Rev Unknown from unknown)
Copyright 1998-2015 Gerald Combs <[email protected]> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with libpcap, with POSIX capabilities (Linux), without libnl,
with libz 1.2.7, with GLib 2.42.2, with SMI 0.4.8, with c-ares 1.10.0, without
Lua, with GnuTLS 3.3.8, with Gcrypt 1.5.3, with MIT Kerberos, without GeoIP.
Running on Linux 3.10.0-327.10.1.el7.x86_64, with locale en_AU.utf8, with
libpcap version 1.5.3, with libz 1.2.7, with GnuTLS 3.3.8, with Gcrypt 1.5.3.
Intel(R) Core(TM) i7-4800MQ CPU @ 2.70GHz (with SSE4.2)
Built using gcc 4.8.5 20150623 (Red Hat 4.8.5-4).
--
The attached file contains a TCP stream from an NFS mount.
This stream incorrectly decodes RPC+NFS traffic as ACAP.
Disabling the ACAP protocol results in correct decoding as RPC+NFS.
Decode As, 2049, RPC results in correct decoding as RPC+NFS.
The rest of the NFS mount was fine, just this particular stream has this issue.
Wireshark 1.x correctly decodes this stream as RPC+NFS, so it seems this is a
regression in 2.0.
You are receiving this mail because:
- You are watching all bug changes.
