the-tcpdump-group / tcpdump

the TCPdump network dissector
https://www.tcpdump.org/

Choose decoding between DNS and OpenFlow #1064

Closed fxlb closed 1 year ago

fxlb commented 1 year ago

With a TCP packet such as 192.168.205.135.53 > 192.168.1.106.6653, the protocol selected and decoded by tcpdump is OpenFlow (OPENFLOW_PORT_IANA == 6653) and not DNS.

In the if...else if... test in print-tcp.c, the test for OPENFLOW_PORT_IANA is on line 773. The one for NAMESERVER_PORT is after on line 784.

Should we change the order? (Wireshark decodes a packet like this as DNS.)

infrastation commented 1 year ago

The way I make sense of this and a couple of similar earlier cases is as follows. In this case most likely it would be right to test for DNS before testing for OpenFlow. Generally speaking, it should be useful to test for most if not all privileged (< 1024) ports before everything else as the design was (and I believe still is) not to originate a TCP/UDP session from a privileged port. This would not eliminate the problem (consider TCP 1723 to TCP 6653), but would make it smaller.
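A model of the port-dispatch problem discussed above, added here as an example; it is not tcpdump's own code. It assumes a constructed four-entry rule table (HTTP, PPTP, OpenFlow, DNS) in the order the report describes, and a hypothetical two-pass "privileged ports first" walk; the `IS_SRC_OR_DST_PORT` macro only reproduces the shape of the helper print-tcp.c uses, and the port numbers are the IANA assignments.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* IANA port numbers used by this model (the real macros live in tcpdump's headers). */
#define NAMESERVER_PORT       53
#define HTTP_PORT             80
#define PPTP_PORT             1723
#define OPENFLOW_PORT_IANA    6653
#define PRIVILEGED_PORT_LIMIT 1024   /* ports below this are "privileged" */

/* Same shape as the IS_SRC_OR_DST_PORT(p) helper in print-tcp.c: match if either end uses the port. */
#define IS_SRC_OR_DST_PORT(p) (sport == (p) || dport == (p))

struct port_rule {
    uint16_t    port;
    const char *proto;
};

/* Constructed rule table in the order the issue reports: OpenFlow is tested before DNS. */
static const struct port_rule RULES[] = {
    { HTTP_PORT,          "http"     },
    { PPTP_PORT,          "pptp"     },
    { OPENFLOW_PORT_IANA, "openflow" },
    { NAMESERVER_PORT,    "domain"   },
};
#define NRULES (sizeof RULES / sizeof RULES[0])

/* A single if/else-if chain walked in table order: the first matching port wins. */
const char *decode_original(uint16_t sport, uint16_t dport)
{
    for (size_t i = 0; i < NRULES; i++)
        if (IS_SRC_OR_DST_PORT(RULES[i].port))
            return RULES[i].proto;
    return "unknown";
}

/* The proposed reordering (hypothetical implementation): test privileged ports (< 1024)
 * before any others, since a session is by convention not originated from a privileged
 * port, so a privileged port on either end is the stronger hint of the service. */
const char *decode_privileged_first(uint16_t sport, uint16_t dport)
{
    for (size_t i = 0; i < NRULES; i++)
        if (RULES[i].port < PRIVILEGED_PORT_LIMIT && IS_SRC_OR_DST_PORT(RULES[i].port))
            return RULES[i].proto;
    for (size_t i = 0; i < NRULES; i++)
        if (RULES[i].port >= PRIVILEGED_PORT_LIMIT && IS_SRC_OR_DST_PORT(RULES[i].port))
            return RULES[i].proto;
    return "unknown";
}

/* Number of rules matching this port pair; 2 means the result depends on test order. */
int count_matches(uint16_t sport, uint16_t dport)
{
    int n = 0;
    for (size_t i = 0; i < NRULES; i++)
        if (IS_SRC_OR_DST_PORT(RULES[i].port))
            n++;
    return n;
}

/* 1 if the privileged-first rule settles the pair, i.e. exactly one privileged rule matches;
 * 0 when no privileged port is involved (1723 -> 6653) or both ports are privileged (53 -> 80). */
int resolved_by_privilege(uint16_t sport, uint16_t dport)
{
    int n = 0;
    for (size_t i = 0; i < NRULES; i++)
        if (RULES[i].port < PRIVILEGED_PORT_LIMIT && IS_SRC_OR_DST_PORT(RULES[i].port))
            n++;
    return n == 1;
}

int main(void)
{
    /* The packet from the report: 192.168.205.135.53 > 192.168.1.106.6653 */
    printf("53 > 6653    original: %-8s  privileged-first: %s\n",
           decode_original(53, 6653), decode_privileged_first(53, 6653));
    /* The residual case from the discussion: both ports unprivileged, still order-dependent. */
    printf("1723 > 6653  original: %-8s  privileged-first: %s  (resolved by privilege: %d)\n",
           decode_original(1723, 6653), decode_privileged_first(1723, 6653),
           resolved_by_privilege(1723, 6653));
    return 0;
}
```

The two-pass walk keeps table order within each pass, so it changes only which pair of ports is compared first; it does not add any inspection of the payload, which is why the 1723/6653 case stays a coin toss decided by table order.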

fxlb commented 1 year ago

it should be useful to test for most if not all privileged (< 1024) ports before everything else

Yes, done with 1e63a2f6903de9303931f3135db88932d4e5785a.