Wireshark-dev: Re: [Wireshark-dev] [PATCH] bugfix : ICMP unreachable and tcp seq not shown
From: Sebastien Tandel <[email protected]>
Date: Thu, 14 Dec 2006 15:39:03 +0100
I am not sure it's broken ...

ICMP and ICMPv6 are rather different ...
- ICMP states that you have to put the IP header + 64 bits of data
- ICMPv6 RFC states, and I quote, you have to put
"As much of invoking packet as will fit without the ICMPv6 packet
exceeding the minimum IPv6 MTU [IPv6]"

IPv6 MTU may vary ... but should certainly include the TCP seq number.
For that field, IMHO, I think we are safe.

Nevertheless, if you want *all* the potential fields, wireshark is not
since IPv6 MTU is not a *fixed* parameter. Therefore the solution would
be to do the check for every item which is not added directly to the
tree. I don't know if it has a real interest ... it will probably mess a
little bit more the code of the TCP dissector.

Do someone have an ICMPv6 unreachable pcap ? (with different IPv6 MTU
... hum! yes ok, one should already be good :))

Regards,
Sebastien Tandel

Jeff Morriss wrote:
> Another question (that I don't have the time to research at the moment): 
> does the same problem exist with IPv6?  If so, your patch won't solve 
> that problem (because ICMPv6 shows up as "icmpv6").
>
> Sebastien Tandel wrote:
>   
>> Here is a little trace created with hping3 :)
>>
>>
>> Stephen Fisher wrote:
>>   
>>     
>>> On Tue, Dec 12, 2006 at 05:06:49PM +0100, Sebastien Tandel wrote:
>>>
>>>   
>>>     
>>>       
>>>>     This patch should resolve the problem of the TCP seq number which 
>>>> is not shown when dissecting an ICMP Unreachable packet.
>>>>     
>>>>       
>>>>         
>>>   
>>>     
>>>       
>>>> It is related to the bug 595.
>>>>     
>>>>       
>>>>         
>>> Do you have a sample capture you can attach to bug 595 for us to 
>>> reproduce/verify the fix?
>>>
>>>     
>>>       
>
> _______________________________________________
> Wireshark-dev mailing list
> [email protected]
> http://www.wireshark.org/mailman/listinfo/wireshark-dev
>