dpkt erroneously truncates packet with TSO

[GoogleCodeExporter]

When running tcpdump on an interface with TCP segmentation offload feature, the 
packet length field of the IP header is set to 0.  This causes dpkt to truncate 
the packet thinking that there is no payload but in fact there is.

This problem is also experienced by WireShark users.

http://blogs.technet.com/b/nettracer/archive/2010/10/05/bogus-ip-packets-and-wir
eshark.aspx

Attached is a patch to tell dpkt not to truncate packet if the length field has 
zero value.

Note that in the case of IP6, jumbo payload will also set length to 0, but this 
patch does not add in support to parse the extended jumbo packet length header.

liulk

Original issue reported on code.google.com by liulk@google.com on 12 Feb 2013 at 11:16

Attachments:

• 0001-dpkt-IP-and-IP6-fix-to-correctly-deal-with-zero-payl.patch

[GoogleCodeExporter]

Fixed in r87

Original comment by andrewf...@gmail.com on 5 Mar 2013 at 7:45

• Changed state: Fixed
• Added labels: ****
• Removed labels: ****