Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 11965] New: ICMP error messages wrongly filtered on IP source address

Wireshark-bugs: [Wireshark-bugs] [Bug 11965] New: ICMP error messages wrongly filtered on IP sou

Date: Wed, 06 Jan 2016 11:16:23 +0000

Bug ID	11965
Summary	ICMP error messages wrongly filtered on IP source address
Product	Wireshark
Version	2.0.1
Hardware	x86
OS	SuSE
Status	CONFIRMED
Severity	Normal
Priority	Low
Component	Common utilities (libwsutil)
Assignee	bugzilla-admin@wireshark.org
Reporter	erwin.vandevelde@gmail.com

Created attachment 14203 [details]
PCAP example file

Build Information:
Build Information:
Compiled (64-bit) with libpcap, with POSIX capabilities (Linux), with libnl 3,
with libz 1.2.8, with GLib 2.46.2, with SMI 0.4.8, with c-ares 1.10.0, with Lua
5.2, with GnuTLS 3.4.4, with Gcrypt 1.6.4, with MIT Kerberos, with GeoIP.

Running on Linux 4.3.3-3-default, with locale en_US.UTF-8, with libpcap version
1.7.3, with libz 1.2.8, with GnuTLS 3.4.4, with Gcrypt 1.6.4.
Intel(R) Core(TM) i7-4800MQ CPU @ 2.70GHz (with SSE4.2)

Built using gcc 5.2.1 20151008 [gcc-5-branchrevision 228597].
--
If an ICMP error is sent from host A to host B in response to a packet from B
to A, the filter ip.src="" matches the ICMP error as well. This is not expected
behavior I think. For me it messed up my script :-)

Please find an example attached: filter ip.src="" matches the
packet, while the ICMP error originates from 91.238.156.142

You are receiving this mail because:

You are watching all bug changes.

Follow-Ups:
- [Wireshark-bugs] [Bug 11965] ICMP error messages wrongly filtered on IP source address
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 11965] ICMP error messages wrongly filtered on IP source address
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 11965] ICMP error messages wrongly filtered on IP source address
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 11965] ICMP error messages wrongly filtered on IP source address
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 11965] ICMP error messages wrongly filtered on IP source address
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 11965] ICMP error messages wrongly filtered on IP source address
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 11965] ICMP error messages wrongly filtered on IP source address
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 11965] ICMP error messages wrongly filtered on IP source address
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 11965] ICMP error messages wrongly filtered on IP source address
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 11964] New: The field name nstrace.tcpdbg.tcpack should be nstrace.tcpdbg.tcprtt
Next by Date: [Wireshark-bugs] [Bug 11962] Conversations counting ICMP errors in wrong direction
Previous by thread: [Wireshark-bugs] [Bug 11964] The field name nstrace.tcpdbg.tcpack should be nstrace.tcpdbg.tcprtt
Next by thread: [Wireshark-bugs] [Bug 11965] ICMP error messages wrongly filtered on IP source address
Index(es):
- Date
- Thread