https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16212
Bug ID: 16212
Summary: manuf.tmpl update; Organization Code in Packet Details
Product: Wireshark
Version: 3.0.6
Hardware: x86
OS: Windows 7
Status: UNCONFIRMED
Severity: Minor
Priority: Low
Component: Dissection engine (libwireshark)
Assignee: bugzilla-ad...@wireshark.org
Reporter: bubbas...@gmail.com
Target Milestone: ---
Created attachment 17472
--> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=17472&action=edit
Capture with llc.oui = 00:00:00 Xerox
Build Information:
Version 3.0.6 (v3.0.6-0-g908c8e357d0f)
Copyright 1998-2019 Gerald Combs <ger...@wireshark.org> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html> This is free software;
see the source for copying conditions. There is NO warranty; not even for
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (32-bit) with Qt 5.12.5, with WinPcap SDK (WpdPack) 4.1.2, with GLib
2.52.2, with zlib 1.2.11, with SMI 0.4.8, with c-ares 1.14.0, with Lua 5.2.4,
with GnuTLS 3.6.3 and PKCS #11 support, with Gcrypt 1.8.3, with MIT Kerberos,
with MaxMind DB resolver, with nghttp2 1.39.2, with LZ4, with Snappy, with
libxml2 2.9.9, with QtMultimedia, with AirPcap, with SBC, with SpanDSP, with
bcg729.
Running on 32-bit Windows 7 Service Pack 1, build 7601, with Intel(R) Core(TM)2
Duo CPU P7570 @ 2.26GHz, with 3032 MB of physical memory, with locale
English_United States.1252, with Npcap version 0.9984, based on libpcap version
1.9.1, with GnuTLS 3.6.3, with Gcrypt 1.8.3, without AirPcap, binary plugins
supported (14 loaded). Built using Microsoft Visual Studio 2017 (VC++ 14.16,
build 27034).
Wireshark is Open Source Software released under the GNU General Public
License.
Check the man page and https://www.wireshark.org for more information.
--
First entries from "manuf" file:
--------------------------------
00:00:00 00:00:00 Officially Xerox, but 0:0:0:0:0:0 is more
common
00:00:01 Xerox Xerox Corporation
00:00:02 Xerox Xerox Corporation
00:00:03 Xerox Xerox Corporation
"# This file is in the same format as ethers(4) except that vendor names
# are truncated to eight characters when used with Wireshark,"
1. What is format of "manuf" file now? Can header comment in "manuf.tmpl" be
updated?
-------------------------------------------------------------------------------------
ETHERS(5) ethers - Ethernet address to IP number database
The "manuf" file may have started with the ethers(5) format but seems to now
have an extra column
for a long manufacturer description.
2. manuf.tmpl entry for 00:00:00 Xerox - cleanup?
-------------------------------------------------
Format for first Xerox entry in manuf.tmpl seems to have a double entry for
00:00:00
3. Organization Code: truncated in Packet Details
-------------------------------------------------
Should the full long manufacturer description be shown or is the field length
limited?
If there is a field length can that be added to the file format description in
the header?
(pcap with llc.oui that is not 00:00:00)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13567
LLC SNAP with known OUI
https://bugs.wireshark.org/bugzilla/attachment.cgi?id=15417
llc_snap_oui.pcap
------------------
As displayed in GUI:
Organization Code: e0:43:db (Shenzhen ViewAt Techn
Entry from "manuf" file:
E0:43:DB Shenzhen Shenzhen ViewAt Technology Co.,Ltd.
Capture attached to this bug:
Q4-Phill.pcapng
---------------
As displayed in GUI:
Organization Code: 00:00:00 (Officially Xerox, but
Entry in "manuf.tmpl" which gets copied to "manuf":
00:00:00 00:00:00 Officially Xerox, but 0:0:0:0:0:0 is more
common
--
You are receiving this mail because:
You are watching all bug changes.___________________________________________________________________________
Sent via: Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives: https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
