Wireshark-bugs: [Wireshark-bugs] [Bug 11962] New: Conversations counting ICMP errors in wrong di
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Tue, 05 Jan 2016 16:58:35 +0000
Bug ID 11962
Summary Conversations counting ICMP errors in wrong direction
Product Wireshark
Version 2.0.1
Hardware x86-64
OS SuSE
Status CONFIRMED
Severity Normal
Priority Low
Component Common utilities (libwsutil)
Assignee bugzilla-admin@wireshark.org
Reporter erwin.vandevelde@gmail.com 

Build Information:
Compiled (64-bit) with libpcap, with POSIX capabilities (Linux), with libnl 3,
with libz 1.2.8, with GLib 2.46.2, with SMI 0.4.8, with c-ares 1.10.0, with Lua
5.2, with GnuTLS 3.4.4, with Gcrypt 1.6.4, with MIT Kerberos, with GeoIP.

Running on Linux 4.3.3-3-default, with locale en_US.UTF-8, with libpcap version
1.7.3, with libz 1.2.8, with GnuTLS 3.4.4, with Gcrypt 1.6.4.
Intel(R) Core(TM) i7-4800MQ CPU @ 2.70GHz (with SSE4.2)

Built using gcc 5.2.1 20151008 [gcc-5-branchrevision 228597].
--
I am currently doing a network analysis and noticed an error in the way packets
in the conversations view are counted:

If host A sends an ICMP error to host B (e.g. TTL exceeded or destination
unreachable) corresponding to a TCP connection set up by host B to host A, the
packet(s) with ICMP errors are counted as packets from B to A from that TCP
session instead of packets from A to B.

You are receiving this mail because:
  • You are watching all bug changes.