This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

In an iscsi packet for scsi command READ CAPACITY (16), if I try to enter any value greater than 0xFFFFF, i.e. 1677215, wireshark isnt able to differentiate the iscsi packet from the overlying tcp packet which carries it. And the input is fine because the allocation length field is 4 bytes long and thus can accept maximum value of 0xFFFFFFFF.

asked 16 Sep '14, 01:16

GauravOjha's gravatar image

GauravOjha
1113
accept rate: 0%

Can you provide sample captures which show this behavior? If you're quite certain the behavior is not correct, you could always open a bug report.

(23 Oct '14, 02:33) JeffMorriss ♦

(This question should have gotten an answer indicating that it was reported as a bug and that the bug was subsequently fixed: See Bug Wireshark Bug #10469 ).

permanent link

answered 23 Oct '14, 06:31

Bill%20Meier's gravatar image

Bill Meier ♦♦
3.2k1850
accept rate: 17%

edited 23 Oct '14, 06:38

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×752
×549
×15

question asked: 16 Sep '14, 01:16

question was seen: 1,396 times

last updated: 23 Oct '14, 06:38

p​o​w​e​r​e​d by O​S​Q​A