Wireshark-bugs: [Wireshark-bugs] [Bug 12308] New: IUA protocol mixed up with V5UA
Date: Wed, 30 Mar 2016 11:34:58 +0000
Bug ID 12308
Summary IUA protocol mixed up with V5UA
Product Wireshark
Version 2.0.2
Hardware x86
OS Windows 7
Status UNCONFIRMED
Severity Major
Priority Low
Component Dissection engine (libwireshark)
Assignee bugzilla-admin@wireshark.org
Reporter ahmed.mahmoudzaki@gmail.com

Build Information:
Version 2.0.2 (v2.0.2-0-ga16e22e from master-2.0)

Copyright 1998-2016 Gerald Combs <gerald@wireshark.org> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.3.2, with WinPcap (4_1_3), with libz 1.2.8, with
GLib 2.42.0, with SMI 0.4.8, with c-ares 1.9.1, with Lua 5.2, with GnuTLS
3.2.15, with Gcrypt 1.6.2, with MIT Kerberos, with GeoIP, with QtMultimedia,
with AirPcap.

Running on 64-bit Windows 7 Service Pack 1, build 7601, with locale C, with
WinPcap version 4.1.3 (packet.dll version 4.1.0.2980), based on libpcap version
1.0 branch 1_0_rel0b (20091008), with GnuTLS 3.2.15, with Gcrypt 1.6.2, without
AirPcap.
AMD A10-5750M APU with Radeon(tm) HD Graphics   (with SSE4.2), with 7369MB of
physical memory.


Built using Microsoft Visual C++ 12.0 build 40629

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
Starting wireshark 1.11, seems like wireshark isn't able to parse IUA protocol
packets correctly, instead we have to decode the packet as v5ua in order to be
able to parse the packet correctly.

Details about calling number and called number are missing even though the
protocol used in the network is IUA, it has to be treated as v5ua (within
wireshark) in order to be decoded correctly.

Please note iua was working fine till 1.10.something


You are receiving this mail because:
  • You are watching all bug changes.