Wireshark-bugs: [Wireshark-bugs] [Bug 5770] Add conversation tracking to ICMP.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5770
--- Comment #20 from Chris Maynard <christopher.maynard@xxxxxxxxx> 2011-03-23 10:24:01 PDT ---
(In reply to comment #17)
> I just learned something new about icmp packets, at least from a FreeBSD Unix
> box. The first part of the payload is a tv32 timestamp:
>
> struct tv32 {
> int32_t tv32_sec;
> int32_t tv32_usec;
> };
Funny, I learned pretty much the same thing with Windows & Linux while
tinkering with the timestamps. And that's why even when the seq #'s wrap
around again the packets don't match because the payload isn't exactly the
same.
> And if you specify the payload to be too small (-s parameter to ping), then it
> no longer tracks response time!
Hmm, for me it does. I uploaded another capture file with some 1-byte ping
payloads that still works for me using the latest patch here. Maybe there is
some other reason why they're not being tracked? Could you post a capture file
where the tracking doesn't work?
> Not sure if this would be useful to show in
> Wireshark, but here is a link to the source code (look for the pinger
> function);
>
> http://svn.freebsd.org/viewvc/base/head/sbin/ping/ping.c?view=markup
If there's enough bytes in the payload, I guess it could be displayed. Does
every OS's ping do this?
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.