Bug #1136 reports a problem where a packet in a file that is attached
has a checksum of 0xFFFF and it is wrongly reported as correct by
Wireshark.
Tcpdump reports it as correct. Microsoft Netmon says the packet was
truncated and the checksum cannot be computed (figures). Sniffer
Portable LAN reports it as wrong ("should be 0x0000").
It seems wrong, but I need proof before providing a patch. Is 0xffff
really wrong or not? :)
Steve
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev
