Wireshark-bugs: [Wireshark-bugs] [Bug 8691] New: Adding support of BGP flow spec RFC 5575
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Thu, 16 May 2013 22:16:24 +0000
Bug ID 8691
Summary Adding support of BGP flow spec RFC 5575
Classification Unclassified
Product Wireshark
Version SVN
Hardware All
OS Mac OS X 10.8
Status UNCONFIRMED
Severity Enhancement
Priority Low
Component Dissection engine (libwireshark)
Assignee bugzilla-admin@wireshark.org
Reporter mtexier@arbor.net 

Created attachment 10781 [details]
SVN diff output

Build Information:
Using SVN version on a MAC for development
--
Hi,

In the context of mitigation of DDoS attacks, ISP and most router vendors are
using BGP flow spec (RFC 5575) to mitigate those attacks.

Two of the main router vendor do support this protocol and the third one is
working on it for next year.

BGP flow spec NLRI and extended community was not decoded by wireshark.

I did a development on existing packet-bgp.c file to make it possible. This
extension decode all existing flow spec extended community and decode as well
the flow spec NLRI that was manage as an opaque NLRI with existing version.


I would like to propose this extension to be added in a coming wireshark
release.

This is my very first development on wireshark so feel free to give me any
remarks or advise to improve this first version.

Find attached the SVN diff output.

Thanks,
Matt.

You are receiving this mail because:
  • You are watching all bug changes.