Wireshark / TShark Record Length: Stops Display

[Nalini J Elkins <nalini.elkins () insidethestack com>]

Guys,

I am testing some test code for the new PDM IPv6 Destination Option 
(https://datatracker.ietf.org/doc/draft-ietf-ippm-6man-pdm-option/) which is now in the RFC Editor's queue, so should 
get an RFC number soon!

Anyway, what is happening is that we have a bug in the record length (I suspect!) when there is IP fragmentation.  At 
least, we are trying to fix our issues with an IP fragmentation bug in our code.  The message I get from Wireshark is:
"The capture file appears to be damaged or corrupt. (pcap: File has 172958905-byte packet, bigger than maximum of 
262144)"
I suspect that is an invalid packet that we have created.  But, the problem is that both Wireshark & TShark stop 
decrypting at that point so I can't see the packet itself.  The capture file is pretty large: about 700KB but only 239 
packets are decrypted.  I suspect our problem is in packet 240!
Any hints on what I might do? 
Thanks,

Nalini Elkins
CEO and Founder
Inside Products, Inc.
www.insidethestack.com
(831) 659-8360

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe