[tcpdump-workers] icmp: ip reassembly time exceeded ...

rmkml Fri, 06 Jun 2003 03:40:59 -0700

Hi,

On this link, you find my tcpdump file: (470ko)
http://crusoecids.dyndns.org/icmpipreassemblytimeexceeded.tcpdump.gz


this file is recorded with tcpdump372 on freebsd48,
yes this file contains p2p edonkey [4662] ...

but on this file, I read :
09:01:08.317354 195.146.229.47 > 81.51.107.135: icmp: ip reassembly time
exceeded for 81.51.107.135.4662 > 195.146.229.47.3039: [|tcp] (frag
63732:[EMAIL PROTECTED]) (ttl 55, len 60) (ttl 119, id 59326, len 56)


but I not found any fragment on this two ips !

Strange ?

and if read tcpdump file with tethereal0912 :
1291 09:01:08.317354 195.146.229.47 -> 81.51.107.135 ICMP Time-to-live
exceeded
and tethereal -V :
Internet Control Message Protocol
    Type: 11 (Time-to-live exceeded)
    Code: 1 (TTL equals 0 during reassembly)

Thanks for your Answers.

Regard

PS: Sorry for my bad speak English.

-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:[EMAIL PROTECTED]

[tcpdump-workers] icmp: ip reassembly time exceeded ...

Reply via email to