bitkeks
commented
1 year ago Yep, you are right. Missed this one, because it's a byte at first and then two bytes. Fixed in #44, thanks!
Closed GitOldGrumpy closed 1 year ago
bitkeks
commented
1 year ago Yep, you are right. Missed this one, because it's a byte at first and then two bytes. Fixed in #44, thanks!
It looks to me that the enterprise flag bit is incorrectly cleared. Looking at line 957 in ipfix.py it clears the 7th bit when according to the spec the enterprise flag is the 15th bit.
The flag is first checked on line 953 using the 7th bit because it is working on a byte, it then unpacks a short moving the flag to the 15th bit.