| Bug ID |
12543
|
| Summary |
Detect mismatch between ethertype and payload packet
|
| Product |
Wireshark
|
| Version |
1.12.1
|
| Hardware |
x86
|
| OS |
All
|
| Status |
UNCONFIRMED
|
| Severity |
Enhancement
|
| Priority |
Low
|
| Component |
GTK+ UI
|
| Assignee |
[email protected]
|
| Reporter |
[email protected]
|
Created attachment 14657 [details]
Capture with packets where ethertype is IPv4 and ethernet payload is an IPv6
packet
Build Information:
simon@PC-1356:~$ cat /etc/debian_version
8.5
simon@PC-1356:~$ uname -a
Linux PC-1356 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt25-2 (2016-04-08) x86_64
GNU/Linux
simon@PC-1356:~$ wireshark -h
Wireshark 1.12.1 (Git Rev Unknown from unknown)
--
Wireshard does not flag a mismatch between the ethertype and the actual encoded
ethernet payload. For example when sending packets with an ethetype for IPv4
and an IPv6 payload.
Attached is a pcap file which contains a stream of such packets.
The ethertype is 0x0800 = IPv4, but the payload is IPv6. This means that either
the ethertype should be "bad" because it is not 0x86DD (=IPv6) or the IPv6
payload should be red because its not an IPv4 packet.
You are receiving this mail because:
- You are watching all bug changes.
