Re: Reassembly of IP fragments gets confused by multiple packets on different VLANS

[Michael Mann <mmann78 () netscape net>]

See bug 4561 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4561)
 
 
 
-----Original Message-----
From: Anders Broman <anders.broman () ericsson com>
To: wireshark-dev <wireshark-dev () wireshark org>
Sent: Wed, Jan 20, 2016 10:13 am
Subject: [Wireshark-dev] Reassembly of IP fragments gets confused by multiple packets on different VLANS



Hi,
I just came across a problem where reassembly of IP fragments failed/messed up, 
seehttps://code.wireshark.org/review/#/c/13452/
The problem was fixed by changing line 2409 in packet-ip.c to
                                   iph->ip_p ^ iph->ip_id ^ src32 ^ dst32 ^pinfo->vlan_id,
e.g throw vlan_id into the mix as well.
 
A better fix might be to change the addresses_reassembly_table_functions functions ( reassembly.c line 152) to include
VLAN Id as well, Opinions?
 
I think similar problems may exist in the TCP dissector too e.g TCP messages on different VLANS seen as duplicates 
possibly messing up
TCP analysis and reassembly. Perhaps conversations should take VLAN into account too.
Best regards
Anders

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe