Wireshark-bugs: [Wireshark-bugs] [Bug 1746] New: new SNMP dissector shows convoluted tree
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1746
Summary: new SNMP dissector shows convoluted tree
Product: Wireshark
Version: SVN
Platform: PC
OS/Version: Linux
Status: NEW
Severity: Major
Priority: Medium
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: thomas.anders@xxxxxxxxxxxxx
Build Information:
wireshark 0.99.7 (SVN Rev 22504)
Compiled with GTK+ 2.10.6, with GLib 2.12.4, with libpcap 0.9.4, with libz
1.2.3, with libpcre 6.7, with Net-SNMP 5.4.1, without ADNS, without Lua, with
GnuTLS 1.4.4, with Gcrypt 1.2.3, without Kerberos, with PortAudio PortAudio
V19-devel, without AirPcap.
Running on Linux 2.6.18.8-0.3-default, with libpcap version 0.9.4.
Built using gcc 4.1.2 20061115 (prerelease) (SUSE Linux).
--
The change to the asn2wrs generated SNMP dissector (around r18086) has
introduced a major usability regression in the tree pane.
I've attached a sample capture file with a single SNMP INFORM packet. Here's
the compact dissection with the old dissector:
Simple Network Management Protocol
Version: 2C (1)
Community: trapcomm
PDU type: INFORM (6)
Request Id: 0x28ae232e
Error Status: NO ERROR (0)
Error Index: 0
Object identifier 1: 1.3.6.1.2.1.1.3.0
(EXPRESSION-MIB::sysUpTimeInstance)
Value: Timeticks: (123) 0:00:01.23
Object identifier 2: 1.3.6.1.6.3.1.1.4.1.0 (SNMPv2-MIB::snmpTrapOID.0)
Value: OID: RFC1213-MIB::sysDescr.0
Object identifier 3: 1.3.6.1.2.1.1.1.0 (RFC1213-MIB::sysDescr.0)
Value: STRING: "test"
Now compare to the complicated nested output of the new dissector:
Simple Network Management Protocol
version: v2c (1)
community: trapcomm
data: informRequest (6)
informRequest
request-id: 682500910
error-status: noError (0)
error-index: 0
variable-bindings: 3 items
Item
name: 1.3.6.1.2.1.1.3.0
(DISMAN-EVENT-MIB::sysUpTimeInstance)
valueType: value (0)
value: simple (4294967295)
value: simple (4294967295)
application-wide: timeticks-value (3)
timeticks-value: 123
Item
name: 1.3.6.1.6.3.1.1.4.1.0 (SNMPv2-MIB::snmpTrapOID.0)
valueType: value (0)
value: simple (4294967295)
simple: objectID-value (2)
Value: OID: SNMPv2-MIB::sysDescr.0
Item
name: 1.3.6.1.2.1.1.1.0 (SNMPv2-MIB::sysDescr.0)
valueType: value (0)
value: simple (4294967295)
simple: string-value (1)
Value: STRING: test
The new format doesn't seem to provide any significant additional details, but
one needs to expand a *lot* of items until one gets to the relevant
information.
E.g. to see the value (123) of the first varbind, one needs to expand nine
(9!!) items compared to one (1) with the old dissector.
Please also see Bug 1088 for a different regression (info pane).
--
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.