Bug #1136 reports a problem where a packet in a file that is attached has a checksum of 0xFFFF and it is wrongly reported as correct by Wireshark.
Tcpdump reports it as correct. Microsoft Netmon says the packet was truncated and the checksum cannot be computed (figures). Sniffer Portable LAN reports it as wrong ("should be 0x0000"). It seems wrong, but I need proof before providing a patch. Is 0xffff really wrong or not? :) Steve _______________________________________________ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev