On Sep 30, 2011, at 5:46 PM, Nadir BENOUHOUD wrote:
> I work on the 1.0.6 version of wireshark, I find the file (packet-ipsec.c) where there is the specification of IPSec in IPv4, I wonder if there is another file for ipsec IPv6specification.
1.0.6 is a *very* old version of Wireshark; we no longer support it, and you're probably not going to get much help developing for it. The current version is 1.6.2; we also still provide support for 1.4.x, and development is done on the SVN trunk.
At least in the top of the SVN trunk, the AH and ESP dissectors register in the "ip.proto" dissector table, which is used by the IPv4 *AND* IPv6 dissectors. The ESP dissector checks whether the source address is an IPv4 address or an IPv6 address to determine whether it's running over IPv4 over IPv6, so packet-ipsec.c should handle IPSec over IPv4 or IPv6. If there are places where it does not correctly handle ESP-over-IPv6, please let us know and, if you have a fix, please send us a patch for the fix.
