Bug 43684 - truncated ip message is wrong
Summary: truncated ip message is wrong
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: tcpdump   
(Show other bugs)
Version: 7.0
Hardware: i386 Linux
medium
low
Target Milestone: ---
Assignee: Harald Hoyer
QA Contact:
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2001-06-06 07:45 UTC by Jesper Skov
Modified: 2008-05-01 15:38 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-06-06 07:45:20 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Jesper Skov 2001-06-06 07:45:16 UTC
When seeing short packets, tcpdump prints out a warning like this:

09:39:12.829833 < truncated-ip - 46 bytes missing!192.168.42.112 >
thinktwice: i
cmp: echo request
                         4500 005c 8719 0000 ff01 5ec3 c0a8 2a70
                         c0a8 2a03 0800 cee9 3412 0500 1402 0000
                         0000 0000 0800 0000 0c00 0000 1000

But as can be seen, it's printing the length of the packet in the
warning, not the number of bytes missing (60-46 = 14).

Jesper

Comment 1 Harald Hoyer 2001-06-20 08:23:52 UTC
look at the packet header: 4500 005c
5c is the length. 5c is 92. tcpdump is right, cause 92-46 = 46!



Note You need to log in before you can comment on or make changes to this bug.