Package: wireshark Version: 1.0.2-3 Severity: normal "TCP Port numbers reused" happens every now and then, especially if the capture is run over a longer time and the client OS does not use a wide range of local ports.
Now I noticed that at least for HTTP the extremely useful "Follow TCP stream" function ignores all data in the second TCP stream. This hides potentially interesting data. How to repeat ------------- Use the following Perl script that does two HTTP GET request using the same local port number. Insert a web server in the $host variable, and capture the traffic. ----------------------------------------------------------- #!/usr/bin/perl -w use IO::Socket; use strict; my $host = 'a.web.server'; for my $i (1..2) { my $sock = new IO::Socket::INET ( PeerAddr => $host, PeerPort => 80, Proto => 'tcp', LocalPort => 9999, ReuseAddr => 1, ) || die ("Cannot create socket: $!.\n"); print $sock "GET / HTTP/1.0\r\n" . "Host: $host\r\n" . "X-Round: $i\r\n" . "\r\n"; while (defined (my $line = <$sock>)) { ; } undef $sock; last if ($i == 2); sleep (1); } exit 0; ----------------------------------------------------------- Open the capture file in wireshark and select "Follow TCP stream". Expected behaviour: wireshark shows both request/response pairs. Seen behaviour: wireshark always only shows the first pair, identified by the "X-Round: 1" header. Selecting a packet of the second pair before doing the "Follow TCP stream" does not help. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages wireshark depends on: ii libadns1 1.4-0.1 Asynchronous-capable DNS client li ii libatk1.0-0 1.22.0-1 The ATK accessibility toolkit ii libc6 2.7-13 GNU C Library: Shared libraries ii libcairo2 1.6.4-6 The Cairo 2D vector graphics libra ii libcomerr2 1.41.0-3 common error description library ii libgcrypt11 1.4.1-1 LGPL Crypto library - runtime libr ii libglib2.0-0 2.16.4-2 The GLib library of C routines ii libgnutls26 2.4.1-1 the GNU TLS library - runtime libr ii libgtk2.0-0 2.12.11-3 The GTK+ graphical user interface ii libkrb53 1.6.dfsg.4~beta1-3 MIT Kerberos runtime libraries ii libpango1.0-0 1.20.5-1 Layout and rendering of internatio ii libpcap0.8 0.9.8-5 system interface for user-level pa ii libpcre3 7.6-2.1 Perl 5 Compatible Regular Expressi ii libportaudio2 19+svn20071022-2 Portable audio I/O - shared librar ii wireshark-common 1.0.2-3 network traffic analyser (common f ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime Versions of packages wireshark recommends: ii gksu 2.0.0-5 graphical frontend to su wireshark suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]