ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
July 17th, 2024 | 10:00am-11:55am SGT (UTC+8) | Online
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 12818] New: Cassandra CQL dissector not processing later C

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Fri, 02 Sep 2016 17:46:38 +0000
Bug ID 12818
Summary Cassandra CQL dissector not processing later CQL minor version
Product Wireshark
Version 2.2.0
Hardware x86
OS Windows 7
Status UNCONFIRMED
Severity Major
Priority Low
Component Dissection engine (libwireshark)
Assignee [email protected]
Reporter [email protected] 

Created attachment 14878 [details]
capture file

Build Information:
Version 2.2.0rc2 (v2.2.0rc2-0-g7670a27 from master-2.2)

Copyright 1998-2016 Gerald Combs <[email protected]> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.3.2, with WinPcap (4_1_3), with GLib 2.42.0, with
zlib 1.2.8, with SMI 0.4.8, with c-ares 1.11.0, with Lua 5.2.4, with GnuTLS
3.2.15, with Gcrypt 1.6.2, with MIT Kerberos, with GeoIP, with QtMultimedia,
with AirPcap.

Running on 64-bit Windows 7 Service Pack 1, build 7601, with locale
English_United States.1252, with WinPcap version 4.1.3 (packet.dll version
4.1.0.2980), based on libpcap version 1.0 branch 1_0_rel0b (20091008), with
GnuTLS 3.2.15, with Gcrypt 1.6.2, without AirPcap.
Intel(R) Core(TM) i7 CPU         870  @ 2.93GHz (with SSE4.2), with 8127MB of
physical memory.


Built using Microsoft Visual C++ 12.0 build 40629

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
I am having problems with viewing CQL. I am using WS 2.2.0rc2 (just released
yesterday). I load the pcap and it comes up as TCP frames. I try to do
"Analyze->Decode As..." using CQL, it rescans the file and, again, displays as
TCP frames.

In the early frames from my Cassandra box I can see "CQL_VERSION....3.4.2". In
the release notes it says "New Protocol Support" "Apache Cassandra - CQL
version 3.0". Is this an issue with a minor release of CQL?
___________________

I was told by Jaap: "It could very well be. The dissector checks the very first
byte of every packet and if it's not 0x03 or 0x83 then it will spit it out. If
you can share the capture file this could be confirmed."
___________________

I replied: "That is it. They start with 0x04 and 0x84.

You are receiving this mail because:
  • You are watching all bug changes.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube