Ethereal-dev: Re: Re: [Ethereal-dev] Misdissection from the diameter dissector

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Ulf Lamping <ulf.lamping@xxxxxx>
Date: Tue, 8 Oct 2002 09:07:29 +0200
Another thing IMHO is: there should be NO output to the console window at all, as this will usually by useless (for a user), except for debugging (of course).

In my example capture file (which is very huge), there are LOTS OF console messages, as the are lots of packets misinterpreted!!!

ULFL

P.S: The port problem is, that RADIUS (and other protocols) are using a default server port above 1024, which other TCP implementations use as (automatically assigned) client ports, and ethereal makes currently no distinction between client and server ports (which would be the clean solution).


David Frascone <dave@xxxxxxxxxxxx> schrieb am 08.10.02 01:16:49:
> Sorry I'm replying to this so late.  The main problem here is that the
> packets are coming from the default RADIUS port, which also happens to be
> the default Diameter port until IANA assigns a new one.
> 
> Once Diameter has it's own port, this should only happen when RPC again
> tries to squat a well known port.
> 
> But, at least the dissector was smart enough to barf on the packet w/o core
> dumping :)
> 
> -Dave
> 
> 
> On Tuesday, 24 Sep 2002, Ulf Lamping wrote:
> > Hi List!
> > 
> > A minor problem I have noticed:
> > 
> > Displaying a trace I have made, with some DCE-RPC packets, but displayed as diameter packets.
> > 
> > Some messages on the console:
> > 
> > Diameter: Unable to find name for command code 0x00000000, Vendor "1207959552"!
> > Diameter: Bad packet: Bad Flags(0x10) or Version(5)
> > Diameter: Unable to find name for command code 0x00000000, Vendor "1207959552"!
> > Diameter: Bad packet: Bad Flags(0x10) or Version(5)
> > Diameter: Unable to find name for command code 0x00000000, Vendor "671088640"!
> > Diameter: Bad packet: Bad Flags(0x10) or Version(5)
> > Diameter: Unable to find name for command code 0x00000000, Vendor "671088640"!
> > Diameter: Bad packet: Bad Flags(0x10) or Version(5)
> > 
> > -The diameter dissector should not decode the corresponding packets as diameter packets, as they are using the ports 1812 (diameter) and 135 (rpc), and are really DCE-RPC packets.
> > I have fixed this by setting the diameter port in the preferences to a different value (I'm not using diameter).
> > 
> > -In the console comes a lot of messages like the ones above, which shouldn't be there I think.
> > 
> > Regards ULFL
> > ______________________________________________________________________________
> > WEB.DE MyPage - Ohne Computerkenntnisse in nur 5 Minuten online! Alles
> > inklusive! Kinderleicht!  http://www.das.ist.aber.ne.lustige.sache.ms/
> > 
> > _______________________________________________
> > Ethereal-dev mailing list
> > Ethereal-dev@xxxxxxxxxxxx
> > http://www.ethereal.com/mailman/listinfo/ethereal-dev
> > 
> 
> -- 
> David Frascone
> 
>      Falls don't kill people. It's the deceleration trauma.


______________________________________________________________________________
Tippen Sie mit der cleveren Kombination von Zusammen und Alleine.
Der neue Weg zum Lottoglueck: WEB.DE Spielgemeinschaften!