I've seen the same problem and can reproduce it. It occurs when UDP packets are transmittted. I used tcpdump's -X option to analyze the packets and all fields are correct except for the UDP checksum. In one test, I sent a single UDP packet between two machines and found that only the checksum differed (being wrong in the trace on the transmitting machine).
While the problem may be in tcpdump or a library it uses, it could also be a kernel bug that results in a incorrect copy of the packet being sent to tcpdump: I verified that all the fields in a transmitted packet are correct except for the UDP checksum - I compared ithe traces for the transmitted packet versus the received packet. I've enclosed the software I used in the attachment: a couple of very short programs (I'm running ubuntu dapper). ** Attachment added: "tcpdump traces, analysis, and test software" http://librarian.launchpad.net/5579829/bugreport -- ethereal and tcpdump show a lot of packets with incorrect checksum https://launchpad.net/bugs/31273 -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
