Can't decode OpenBSD 5.0 pflog files properly on Ubuntu 12.04
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
wireshark (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Please see attached screenshot for example. tcpdump on Ubuntu 12.04 also can't decode the file properly and may be related. Please see bug # 1002138. The packets can be decoded properly by tcpdump on OpenBSD 5.0 itself. The packets can also be decoded properly by the version of Wireshark in Ubuntu 10.04.
The first 10 packets decoded by tcpdump on OpenBSD 5.0 are the following:
# tcpdump -r pflog -c 10
tcpdump: WARNING: snaplen raised from 116 to 1500
11:00:03.879369 0.0.0.0.bootpc > 255.255.
11:00:03.879390 0.0.0.0.bootpc > 255.255.
11:00:05.303412 0.0.0.0.bootpc > 255.255.
11:00:05.303436 0.0.0.0.bootpc > 255.255.
11:00:06.074715 0.0.0.0.bootpc > 255.255.
11:00:06.074746 0.0.0.0.bootpc > 255.255.
11:00:10.781760 0.0.0.0.bootpc > 255.255.
11:00:10.781785 0.0.0.0.bootpc > 255.255.
11:00:11.552526 0.0.0.0.bootpc > 255.255.
11:00:11.552550 0.0.0.0.bootpc > 255.255.
Could you please attach a sample capture file?