That certainly does look the same scenario - as the last update was 2010
can I assume that this will not be fixed any time soon?On Fri, Aug 10, 2012 at 7:10 AM,
<mmann78@xxxxxxxxxxxx> wrote:
I believe you're referring to this bug:
-----Original Message-----
From: John Powell <
jrp999@xxxxxxxxx>
To: Developer support list for Wireshark <
wireshark-dev@xxxxxxxxxxxxx>
Sent: Fri, Aug 10, 2012 8:58 am
Subject: Re: [Wireshark-dev] Packets in different VLANS flagged as duplicated Packets in RTP Stream Analysis
Hi Everyone,
I should have noted the following:
- I am running Wireshark 1.8.1 (compiled from source) under CentOS 6.3.
- Dumpcap command command line is:
/usr/local/bin/dumpcap -B 32 -i 2 -f vlan and (not vrrp and not udp port 1985 and not ether host 01:00:0c:cc:cc:cc) -b files:1200 -b filesize:250000 -b duration:900 -w /var/opt/data/captures/eth1.cap
Thanx in advance for any guidance!
John
On Fri, Aug 10, 2012 at 6:48 AM, John Powell
<jrp999@xxxxxxxxx> wrote:
Hi Everyone,
I am running Dumpcap as a service.
My users have told me that when they select a packet capture then select Telephony - RTP - Show all Streams that it indicates packets are being duplicated (negative packet loss).
For the packets being duplicated (negative packet loss), I discovered that there are in fact 2 packets being seen by Wireshark with the same SRC/DST IP Addresses and the same ID number BUT different VLANS tags.
Is this an error in Wireshark that should be fixed or is there some way to configure Wireshark to look at the VLAN tag as well as the ID number before determining a packet is duplicated?
Thanx alot!
John
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
