Wireshark-bugs: [Wireshark-bugs] [Bug 5422] Support for dissecting SLL type 0x03 frames (raw Eth
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5422
Tyson Key <tyson.key@xxxxxxxxx> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |tyson.key@xxxxxxxxx
--- Comment #4 from Tyson Key <tyson.key@xxxxxxxxx> 2010-11-21 02:49:19 PST ---
Apologies for the delay in responding (I'm observing GMT here). That's a
pertinent question, Guy.
I haven't spent a great deal of time on researching this stuff, to be honest.
(I confirmed my intuition that these frames were Ethernet by extracting the
payloads from some frames in a Linux Cooked capture file as a hex-with-offsets
stream, and used text2pcap to convert them into a file with a custom DLT value
- which of course was fed back into Wireshark).
I suspect that DHClient might be doing something unusual at a low level, given
that these packets appear whenever I run it, though.
---
As for at least ATA-over-Ethernet discovery packets, it seems that I see
duplicates when capturing from the "any" interface. Both sets of packets have
the same EtherType/SLL Link Type code - although one of them (destined for an
802.11 interface?) also contains Ethernet framing after the SLL header that's
incorrectly dissected. Not a big problem personally, but I can file a bug if it
helps.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.