On Wed, Aug 1, 2012 at 3:34 PM, Andre Steenveld
<andre.steenveld@xxxxxxxxxxxxx> wrote:
> All is clear except the line “[Destination reference: 0x40000]”
>
> The ‘[‘ and ‘]’ suggest that Wireshark did add this line to the output and
> that the data is not from the frame itself.
Wireshark uses the dst-ref as a part of it's routines for reassembly.
For COTP frames without dst-ref we generate a unique dst-ref to use
for reassembly, and present this inside [ and ] to indicate that
wireshark did generate this.
I don't remember the details, but this is the svn log entry for the
change (revision 22173):
"This patch fixes reassembly when receiving a SES MINOR SYNC POINT and a
COTP DT Data (class 1) fragment in the same frame. Also added the
generated dst_ref and a reference to the "COTP segment data" to the
tree."
Maybe the correct solution is to just remove the “[Destination
reference: 0x40000]” line, as it may confuse?
--
Stig Bjørlykke
