Wireshark-users: Re: [Wireshark-users] the Fragment offset field in IP packet should follow the R
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: damker <damker@xxxxxxxx>
Date: Sun, 21 Jun 2020 10:26:24 +0800
my version was 3.0.6.
when i upgrade to 3.0.11, it shows like this "Fragment offset: 856".

damker
 
发件人: Jaap Keuter
发送时间: 2020-06-19 23:10
主题: Re: [Wireshark-users]the Fragment offset field in IP packet should follow the Raw bitstream?
That was a nice bit of source code archeology, but I’ve found that this format was changed in commit 7f6d5c04a86 with the comment:

commit 7f6d5c04a869525d31e8d6e260d5195857481031
Author: Martin Mathieson <martin.r.mathieson@xxxxxxxxxxxxxx>
Date:   Wed Aug 29 15:35:27 2007 +0000

    Don't show fragment offset as a bit field, but note number of bits used in long text.
    
    svn path=/trunk/; revision=22727

Note the date, that was back in 2007, so this format disappeared before Wireshark 1.0.
Where did you get this from?

Thanks,
Jaap


On 19 Jun 2020, at 09:48, damker <damker@xxxxxxxx> wrote:

an IP packet decode As follows:
    ...
    Flags: 0x006b
        0... .... .... .... = Reserved bit: Not set
        .0.. .... .... .... = Don't fragment: Not set
        ..0. .... .... .... = More fragments: Not set
    ...0 0011 0101 1000 = Fragment offset: 856
    Time to live: 128

I know that it says "The fragment offset is measured in units of 8 octets (64 bits)" in RFC 791.
my question is: Flags = 0x006b, the "...0 0011 0101 1000 = Fragment offset: 856" should be "...0 0000 0110 1011 = Fragment offset: 856"?
I think the second one is more clear.



damker
 
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe