[Windump] Windump mangles header line: reply ERR nnnn
sebb
sebbaz+wd at gmail.com
Wed Nov 22 08:20:28 PST 2006
The attached zip contains:
reply.bin - single packet capture file
reply.out - windump -nXXtt output showing header error
reply.txt - tshark -xx output for comparison
replyerr_cmd.txt - script to run windump and tshark
The last part of the header of the windump output (reply.out) is mangled:
1163052028.057160 IP 192.0.195.17.2049 > 10.88.13.9.1701209960: reply ERR 94
The port should be 4870, not 1701209960 - this value is 0x65666768
which is taken from a later part of the packet.
Hopefully this test case is enough to allow the cause to be
determined; if not, please let me know - I can provide others if
necessary.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: replyErr.zip
Type: application/zip
Size: 1211 bytes
Desc: not available
Url : http://www.winpcap.org/pipermail/windump/attachments/20061122/96125ceb/attachment.zip
More information about the Windump
mailing list