Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] [Wireshark-commits] master 104a6ed: Disable IPv4 checksum ve

Date Prev · Date Next · Thread Prev · Thread Next
From: Joerg Mayer <jmayer@xxxxxxxxx>
Date: Sun, 2 Mar 2014 14:57:42 +0100
On Sat, Mar 01, 2014 at 01:49:58PM +0000, Wireshark code review wrote:
> URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=104a6edd1fb703c5c2319c893720df86f8c9a9e7
...
> 104a6ed by Gerald Combs (gerald@xxxxxxxxxxxxx):
> 
>     Disable IPv4 checksum verfification to match TCP and UDP.
>     
>     Offloading seems to be very common nowadays and having this option
>     enabled by default generates a lot of false positives. Suggested by
>     Laura Chappell.
>     
>     Change-Id: I285f218efb3c9f164d8ad7a6d6de8270e442ffff

While this is currently the right thing to do, it might make more sense
to disable all this checksum verification stuff only for outgoing traffic.
Unfortunately our current captures don't support that distinction. What
would be required where to make this possible?
My guess:
- Add a metadata element "direction" to the capture information provided
  by the network driver and
- add "direction" element to libpcap packet header and fill it with the
  information from above.
How much work would that amount to?

Ciao
   Jörg
-- 
Joerg Mayer                                           <jmayer@xxxxxxxxx>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.