Statistics->IPv[4|6] Statistics -> Source and Destination Addresses incorrect for tunneling
Source and destination addresses are pulled from net_src/net_dst
/* update source branch */ tick_stat_node(st, st_str_src, 0, FALSE); tick_stat_node(st, address_to_str(pinfo->pool, &pinfo->net_src), st_node_src, FALSE); /* update destination branch */ tick_stat_node(st, st_str_dst, 0, FALSE); tick_stat_node(st, address_to_str(pinfo->pool, &pinfo->net_dst), st_node_dst, FALSE);
That is because Wireshark will always display the Source/Destination address pair of the highest layer it can find,
The result is that the statistics display a mix and IPv4 and IPv6 addresses where there is tunneling of mixed versions.
(Hmmm - even if versions aren't mixed, the addresses are incorrect if the tunneled address is being returned)
Steps to reproduce
the Ultimate PCAP (latest update: 20210721):
Statistics->IPv4 Statistics -> Source and Destination Addresses
Statistics->IPv6 Statistics -> Source and Destination Addresses
What is the current bug behavior?
What is the expected correct behavior?
Display lowest (outer) layer IP addresses.
Sample capture file
See "Steps to Reproduce"
Relevant logs and/or screenshots
(Paste any relevant logs here)
(Paste any relevant screenshots here)
3.7.0rc0-1977-g8f4d38b776a7 (v3.7.0rc0-1977-g8f4d38b776a7) Compiled (64-bit) using Microsoft Visual Studio 2022 (VC++ 14.31, build 31107), with GLib 2.66.4, with PCRE2, with zlib 1.2.11, with Qt 6.2.4, with libpcap, with Lua 5.2.4, with GnuTLS 3.6.3 and PKCS #11 support, with Gcrypt 1.8.3, with Kerberos (MIT), with MaxMind, with nghttp2 1.44.0, with brotli, with LZ4, with Zstandard, with Snappy, with libxml2 2.9.10, with libsmi 0.4.8, without QtMultimedia, with automatic updates using WinSparkle 0.5.7, with AirPcap, with SpeexDSP (using bundled resampler), with Minizip. Running on 64-bit Windows 10 (21H1), build 19043, with Intel(R) Core(TM) i5-4300U CPU @ 1.90GHz (with SSE4.2), with 12193 MB of physical memory, with GLib 2.66.4, with PCRE2 10.39 2021-10-29, with Qt 6.2.4, with Npcap version 1.60, based on libpcap version 1.10.2-PRE-GIT, with c-ares 1.17.0, with GnuTLS 3.6.3, with Gcrypt 1.8.3, with nghttp2 1.44.0, with brotli 1.0.9, with LZ4 1.9.3, with Zstandard 1.4.0, without AirPcap, with light display mode, without HiDPI, with LC_TYPE=English_United States.utf8, with binary plugins (21 loaded).