On Sun, Nov 26, 2006 at 11:10:05PM -0500, Yann Berthier wrote:
> On a capture of netflow v9 traffic from 2 routers, where r1 exports
> data flowsets using template id 257 and template flowsets of said id
> of 21 fields, and r2 exports a template flowset for id == 257 of 23
> fields, wireshark (0.99.4) mixes-up the templates when decoding the
> flowsets from r1 - it uses the last template cached, be it from r1
> or r2, to decode the data flowsets from r1
This sounds like a problem with the dissector. Could you file a bug at
http://bugzilla.wireshark.org/ and attach a capture file that you see
the problem with?
Steve
