Re: Wireshark may get ISN wrong

[Matt <mattator () gmail com>]

Find enclosed a fix for HEAD.

% git diff --stat
 epan/dissectors/packet-tcp.c | 8 +++++---
 epan/dissectors/packet-tcp.h | 5 ++---
 2 files changed, 7 insertions(+), 6 deletions(-)

2014-11-18 15:54 GMT+01:00 Matt <mattator () gmail com>:
> Thanks for the suggestion but relative seq nb is a really nice feature
> I use for plotting and analyzing data. If the TCP ISN can be 0 (I
> believe it can ?) then my report qualifies as a bug. The fix should be
> a ~10 lines patch with the expense of a boolean in tcp_analysis. I am
> willing to send a patch for it.
>
> 2014-11-17 18:41 GMT+01:00 ronnie sahlberg <ronniesahlberg () gmail com>:
> > You can just disable relative sequence numbers in the preferences for tcp.
> >
> >
> > On Mon, Nov 17, 2014 at 9:38 AM, Matt <mattator () gmail com> wrote:
> > > Hi,
> > >
> > > I use wireshark to examinate some traces generated by a network
> > > simulator (ns3 www.nsnam.org) which set the ISN to 0 (no randomization
> > > yet).
> > > As wireshark assumes base_seq == 0 to be an unitialized value, it
> > > triggers some error as wireshark tries to set again and again the base
> > > seq. Here is the output of a single 3WHS (custom printf), in peculiar
> > > in the 4th line, which is the ACK of the 3WHS, wiresharks sets
> > > base_seq =seq-1, ie 0-1 and it wraps the seq number (ugly).
> > >
> > > Setting base seq to : 0
> > > Setting base seq to : 0
> > > Setting rev base seq to : 0
> > > Setting base seq to : 4294967295
> > > Setting rev base seq to : 0
> > > Setting rev base seq to : 0
> > > Setting base seq to : 0
> > > Setting base seq to : 0
> > > Setting rev base seq to : 0
> > > Setting base seq to : 0
> > > Setting rev base seq to : 0
> > > Setting base seq to : 1
> > >
> > > I understand it seems a corner case but I don't believe have an ISN
> > > equal to 0 is forbidden by the RFC ?!
> > > I was wondering if I could add some boolean such as "base_seq_set" in
> > > mptcp_info_t to prevent such a behavior.
> > >
> > > Regards
> > > Matt
> > > ___________________________________________________________________________
> > > Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> > > Archives:    http://www.wireshark.org/lists/wireshark-dev
> > > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
> > >              mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
> > ___________________________________________________________________________
> > Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> > Archives:    http://www.wireshark.org/lists/wireshark-dev
> > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
> >              mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Attachment: tcp_rel_isn.patch
Description:

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe