Wireshark-dev: [Wireshark-dev] Reassembly of IP fragments gets confused by multiple packets on
From: Anders Broman <[email protected]>
Date: Wed, 20 Jan 2016 15:13:45 +0000

Hi,

I just came across a problem where reassembly of IP fragments failed/messed up, see https://code.wireshark.org/review/#/c/13452/

The problem was fixed by changing line 2409 in packet-ip.c to

    iph->ip_p ^ iph->ip_id ^ src32 ^ dst32 ^ pinfo->vlan_id,

e.g. throw vlan_id into the mix as well.

A better fix might be to change the addresses_reassembly_table_functions functions (reassembly.c line 152) to include VLAN ID as well. Opinions?

I think similar problems may exist in the TCP dissector too, e.g. TCP messages on different VLANs seen as duplicates, possibly messing up TCP analysis and reassembly. Perhaps conversations should take VLAN into account too.

Best regards

Anders
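
The key collision discussed in the message above, as an added example that is not part of the original post and is not Wireshark's reassembly code: a simplified fragment table keyed on source, destination, protocol and IP ID, run with and without the VLAN ID over a constructed capture. All struct, field and function names and the sample fragments are assumptions made for this sketch.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Constructed fragment record; field names are assumptions for this sketch. */
struct frag { uint32_t src, dst; uint16_t id, vlan; uint8_t proto;
              uint16_t off, len; int more; };
struct entry { int used; struct frag key; uint32_t seen; uint16_t total; };
struct result { int completed, overlaps, pending; };

/* Constructed capture: one 12-byte UDP datagram in two fragments, seen on VLAN 10 and 20. */
static const struct frag capture[] = {
    {0x0a000001, 0x0a000002, 0x1234, 10, 17, 0, 8, 1},
    {0x0a000001, 0x0a000002, 0x1234, 20, 17, 0, 8, 1},
    {0x0a000001, 0x0a000002, 0x1234, 10, 17, 8, 4, 0},
    {0x0a000001, 0x0a000002, 0x1234, 20, 17, 8, 4, 0},
};
static int match(const struct entry *e, const struct frag *f, int use_vlan) {
    return e->used && e->key.src == f->src && e->key.dst == f->dst && e->key.id == f->id &&
           e->key.proto == f->proto && (!use_vlan || e->key.vlan == f->vlan);
}
/* Bitmask of the 8-byte blocks a fragment covers (small payloads only). */
static uint32_t blocks(uint16_t off, uint16_t len) {
    return ((1u << ((len + 7u) / 8u)) - 1u) << (off / 8u);
}

/* Run the fragments through a small table keyed with or without the VLAN ID. */
struct result reassemble(const struct frag *f, int n, int use_vlan) {
    struct entry tab[8]; struct result r = {0, 0, 0};
    memset(tab, 0, sizeof tab);
    for (int i = 0; i < n; i++) {
        struct entry *e = NULL;
        for (int j = 0; j < 8 && !e; j++)           /* existing entry for this key */
            if (match(&tab[j], &f[i], use_vlan)) e = &tab[j];
        for (int j = 0; j < 8 && !e; j++)           /* otherwise take a free slot */
            if (!tab[j].used) { e = &tab[j]; *e = (struct entry){ .used = 1, .key = f[i] }; }
        if (!e) continue;                           /* table full: drop */
        uint32_t b = blocks(f[i].off, f[i].len);
        if (e->seen & b) r.overlaps++;              /* bytes already present */
        e->seen |= b;
        if (!f[i].more) e->total = f[i].off + f[i].len;
        if (e->total && e->seen == blocks(0, e->total)) { r.completed++; e->used = 0; }
    }
    for (int j = 0; j < 8; j++) r.pending += tab[j].used;   /* never completed */
    return r;
}
int main(void) {
    struct result a = reassemble(capture, 4, 0), b = reassemble(capture, 4, 1);
    printf("no VLAN in key: %d completed, %d overlaps, %d pending\n", a.completed, a.overlaps, a.pending);
    printf("VLAN in key:    %d completed, %d overlaps, %d pending\n", b.completed, b.overlaps, b.pending);
    return 0;
}
```

Without the VLAN ID in the key, the second copy of the first fragment is treated as an overlap and the second copy of the last fragment is left in an entry that never completes; with it, both copies reassemble independently.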