Wireshark-dev: [Wireshark-dev] COTP dissector problems

From: Daniele Pala <pala.daniele@xxxxxxxxx>
Date: Sun, 19 May 2013 14:38:04 +0200
Hello, I've written a simple RFC 1006 implementation (https://github.com/danielePala/tosi) and used Wireshark to monitor the generated traffic. I'm seeing some problems; I attach a capture file to illustrate them, generated by the test cases of my implementation:

1. A lot of packets are marked as malformed, with reference to the T.125 protocol (which I never intended to implement). See, for example, packet number 4 of the capture file.

2. It seems that the ER (error) TPDU is not recognized, see packet number 26 for example.

3. RFC 1006 defines a non-standard TPDU to support expedited data (see page 14 of the standard, http://tools.ietf.org/html/rfc1006), but this is not recognized, see packet number 132 for example.

Of course, the attached capture file can also be generated by re-running the tests of my package.

NOTE: I'm using Wireshark 1.8.2 shipped with Debian Wheezy; however, in the changelogs of the more recent versions I haven't found mentions of these issues, so I suppose they are still there.

Best regards,
Daniele Pala

Attachment: tosi.gz
Description: GNU Zip compressed data