Wireshark-bugs: [Wireshark-bugs] [Bug 1872] New: NDMP is not decoding under release 0.99.06 on W
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Thu, 27 Sep 2007 20:24:02 +0000 (GMT)
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1872

           Summary: NDMP is not decoding under release 0.99.06 on Windows
           Product: Wireshark
           Version: 0.99.6
          Platform: PC
        OS/Version: Windows XP
            Status: NEW
          Severity: Major
          Priority: High
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: fschorr@xxxxxxxxxxx


Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--
It appears that NDMP (at least ver 4) is not decoding on 0.99.5 for Windows
release.  No problem is seen with release versions 0.99.5 and earlier.

When opening a network capture containing NDMP ver 4 packets, the frames are
being decoded as ESP packets.  If I go to Analyze/Enable Protocols and disable
decoding ESP, the frames are now decoded as TCPENCAP packets. (I'm assuming
that both of these decoders also focus on TCP port 10000) If I disable decoding
TCPENCAP protocol, the NDMP frame only are decoded as TCP packets.

I can successfully do Analyze/Decode As and force the packets to be decoded as
NDMP and have the packets decoded as NDMP packets.

I have tested this on a number of capture containing NDMP traffic with the same
results.  If I can figure out how attach a capture to this bug report I'll
attach an example.

Thanks for your time,
Frank Schorr


-- 
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.