I am not sure it's broken ...
ICMP and ICMPv6 are rather different ...
- ICMP states that you have to put the IP header + 64 bits of data
- ICMPv6 RFC states, and I quote, you have to put
"As much of invoking packet as will fit without the ICMPv6 packet
exceeding the minimum IPv6 MTU [IPv6]"
IPv6 MTU may vary ... but should certainly include the TCP seq number.
For that field, IMHO, I think we are safe.
Nevertheless, if you want *all* the potential fields, wireshark is not
since IPv6 MTU is not a *fixed* parameter. Therefore the solution would
be to do the check for every item which is not added directly to the
tree. I don't know if it has a real interest ... it will probably mess a
little bit more the code of the TCP dissector.
Do someone have an ICMPv6 unreachable pcap ? (with different IPv6 MTU
... hum! yes ok, one should already be good :))
Regards,
Sebastien Tandel
Jeff Morriss wrote:
> Another question (that I don't have the time to research at the moment):
> does the same problem exist with IPv6? If so, your patch won't solve
> that problem (because ICMPv6 shows up as "icmpv6").
>
> Sebastien Tandel wrote:
>
>> Here is a little trace created with hping3 :)
>>
>>
>> Stephen Fisher wrote:
>>
>>
>>> On Tue, Dec 12, 2006 at 05:06:49PM +0100, Sebastien Tandel wrote:
>>>
>>>
>>>
>>>
>>>> This patch should resolve the problem of the TCP seq number which
>>>> is not shown when dissecting an ICMP Unreachable packet.
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>>> It is related to the bug 595.
>>>>
>>>>
>>>>
>>> Do you have a sample capture you can attach to bug 595 for us to
>>> reproduce/verify the fix?
>>>
>>>
>>>
>
> _______________________________________________
> Wireshark-dev mailing list
> Wireshark-dev@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-dev
>
