Hi
2010/10/25 Pascal Quantin <pascal.quan...@gmail.com>
> Hi,
>
> 2010/10/25 Jeff Morriss <jeff.morriss...@gmail.com>
>
>> Pascal Quantin wrote:
>> > Hi,
>> >
>> > since revision 34640, none of UDP heuristic dissectors I use (LTE-MAC,
>> > LTE-RLC or LTE-PDCP) work: all the frames are decoded as ADwin
>> > configuration protocol.
>> >
>> > When looking at the code in function dissect_adwin_config() (file
>> > packet-adwin-config.c), the heuristic seems a bit weak:
>> > [...]
>> > length = tvb_reported_length(tvb);
>> >
>> > if (pinfo->ipproto == IP_PROTO_UDP &&
>> > ! (length == UDPStatusLENGTH
>> > || length == UDPExtStatusLENGTH
>> > || length == UDPMessageLENGTH
>> > || length == UDPMessageLENGTH_wrong
>> > || length == UDPInitAckLENGTH
>> > || length == UDPIXP425FlashUpdateLENGTH
>> > || length == UDPOutLENGTH))
>> > return (0);
>> > [...]
>> >
>> > Could it be possible to do something more robust ?
>>
>> Oops, sorry. We're discussing some stronger heuristics in bug 5324.
>>
>
> While you iterate on it, would it be possible to add a preference (off by
> default) stating whether the ADwin heuristic dissectors are activated or not
> (like what is done in packet-mac-lte.c for example) ?
>
Having a second look at the code, it's even worse than what I first thought.
Any pinfo->ipproto different from IP_PROTO_UDP or IP_PROTO_TCP will be
intercepted by the ADwin dissector.
Adding something like:
if (pinfo->ipproto != IP_PROTO_UDP && pinfo->ipproto != IP_PROTO_TCP)
return (0);
Solved the issue on my side.
Regards,
Pascal.
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
