| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
(In devel mode)
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This avoids to get only:
tcpdump: packet printing is not supported for link type XYZ: use -w
The default printing is like:
18:45:52.723872 UNSUPPORTED
0x0000: 001f 0000 0540 6078 725d 586d 4d66 4671 .....@`xr]XmMfFq
0x0010: 6d58 4d5c 7159 5f71 565c 556c 4e71 7171 mXM\qY_qV\UlNqqq
0x0020: 7171 7171 7171 7171 7171 7171 7171 5180 qqqqqqqqqqqqqqQ.
0x0030: 7f7f ..
18:45:52.755995 UNSUPPORTED
0x0000: 001f 0000 0540 6043 7851 807f 7f .....@`CxQ...
[...]
|
| |
|
|
| |
This method is required to dissect some RADIUS attributes
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(pull request #843)
fix build break for Broadcom LI printer on BSD platforms
incorporate review comments: make bcm_li_print() void, add a sample capture
incorporate review comments: remove trailing tabs
add BCM LI outputs to testset
incorporate review comment: return after printing
update verbose output for bcm-li
|
| | |
|
| |
|
|
|
|
| |
That's not the case on Windows - it doesn't support #!. Look for the
perl interpreter and, if we find it, add a rule that runs tests/TESTrun
with the interpreter.
|
| |
|
|
|
|
| |
Hopefully, that will make sure we don't optimize away anything that
will, for example, cause us not to do things differently on 32-bit x86
using the x87 instructions.
|
| |
|
|
|
|
|
|
|
| |
It's All Very Complicated, so mirror what print-lmp.c does - just do a
calculation based on a particular input value and print the result using
the same format print-lmp.c does, and have tests/TESTrun see what that
result is.
Just do that inside tcpdump.c, so we don't need the fptype stuff.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
1) We don't need libcrypto to check for the header files, and if we say
we do, we get a lot of noise from CMake about policy CMP0075.
2) We need libcrypto, with the full path specified, for library tests;
just linking with -lcrypto might not find it, or might find another
version (thanks, Apple!).
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
At least as I read RFC 5996 section 3.14 and RFC 4303 section 2.4, if
the cipher has a block size of which the ciphertext's size must be a
multiple, the payload must be padded to make that happen, so the
ciphertext length must be a multiple of the block size. Instead of
allocating a buffer, copying the ciphertext to it, and padding it to the
block size, fail if its size isn't a multiple of the block size.
(Note also that the old padding code added a block's worth of padding to
the end of a ciphertext block that *was* a multiple of the cipher block
size; this might have caused problems.)
Don't use the undocumented EVP_Cipher(); the lack of documentation means
a lack of information about whatever requirements it might impose. Use
EVP_DecryptUpdate() instead.
Before calling it, use EVP_CIPHER_CTX_set_padding() to say "don't do
your own padding, this block is a multiple of the cipher block size".
Instead of using EVP_CipherInit() or EVP_CipherInit_ex(), use
EVP_DecryptInit() or EVP_DecryptInit_ex(). as we're always doing
decryption and never doing encryption - the extra parameter to
EVP_CipherInit() and EVP_CipherInit_ex() is always 0.
This may address GitHub issue #814.
It may also make it a bit easier to have the code use Common Crypto on
macOS (rather than requiring that OpenSSL be installed - macOS ships
with an OpenSSL shared library for binary compatibility with older
releases, but doesn't ship with the headers, because Apple wants you
using their crypto code) and use Cryptography API: Next Generation on
Windows (Vista/Server 2008 and later) (rather than requiring a Windows
build of OpenSSL).
(Hopefully this will all work with LibreSSL.)
|
| |
|
|
|
|
|
|
|
| |
- the print routines for ptp different ptp messages
- test completed for sync message, announce message, delay request message,
delay response message and follow up message.
- integration of the ptp v2 code with the tcpdump code.
Signed-off-by: Partha S. Ghosh <psglinux@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The only function tcpdump used in libdnet was dnet_htoa(), which tries
to translate a binary DECnet address to a nodename through a lookup in
/etc/decnet.conf. The translation is slow and has a bug, so stop using
the function and remove the dependency on libdnet.
This makes tcpdump always print DECnet addresses in numeric format, if
anybody needs the translation back they are welcome to fix libdnet or
(more realistically) add an implementation of dnet_htoa() to the tcpdump
source code and use it.
(This is a forward-port of commit 9a6eb27 from tcpdump-4.9 to master.
Sadly, together with libdnet this change removes the fine work that Guy
had done in the master branch in commits ebf3f19 and 4ef8d63 to put
libdnet usage right whilst my original "do not use libdnet" commit was
aging in the pipeline.)
|
| |
|
|
|
| |
We require it for policy CMP0074, so the user can tell CMake where the
Npcap or WinPcap SDK is hiding with -DPCAP_ROOT=.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Always initialize C_ADDITIONAL_FLAGS to empty.
Get rid of an extra empty line in a comment.
|
| | |
|
| |
|
|
|
|
|
|
| |
Fail if we don't have it, as we require it.
If we're using MSVC, skip the tests for options to request C99
compatibility - either we have VS 2015, which is sufficient, or we
don't, in which case we fail.
|
| |
|
|
|
|
|
| |
At least with Visual Studio, they're inline functions that call a common
external function, so check_function_exists() doesn't find them.
Clean up indentation while we're at it.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
We require an environment with a C99-compatible snprintf(), so we don't
need to work around older implementations. Make the configuration
process fail if we don't have snprintf() and vsnprintf().
We require at least VS 2015, so we don't have to check for _MSC_VER >=
1400. Make the build fail if we don't have at least VS 2015.
We apparently do, however, have to use __inline, as the VS 2015
documentation doesn't meaning plain old "inline". Update a comment.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
InfiniBand support for tcpdump.
This is an in-house patch. Sent upstream for potential inclusion in future
versions of tcpdump.
(also adding print-ipoib.c to CMakeLists.txt, asked by @guyharris)
(s/u_int16_t/uint16_t asked by @guyharris)
|
| |
|
|
|
|
|
|
|
|
| |
MEDSA (which unofficially stands for Marvell EDSA) relies on the
unregistered 0xDADA ethertype value that was randomly choosen and
currently used by the kernel. But with EDSA this value is programmable,
hence can be changed anytime.
Now that a reliable DLT parser is implemented for both DSA and EDSA
tagged master interfaces, let's get rid for the MEDSA ethertype parser.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Similarly to commit 6eaebfe adding support for the Broadcom tagging
format supported by the DSA kernel subsystem, this commit adds support
for the Marvell DSA and Ethertype DSA (EDSA) tagging formats.
Marvell DSA is a 4-byte proprietary tag placed between the ether source
address and the ether length/type. It contains data such as the switch
device and port IDs from which a frame came from, or to which port
a frame is targetting. It also contains additional FPri and IEEE bits.
EDSA is a 8-byte variant including a programmable ethertype, two null
bytes and a standard DSA tag.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Print Linux 4.12 vsockmon captures:
# modprobe vsockmon
# ip link add type vsockmon
# ip link set vsockmon0 up
# tcpdump -i vsockmon0
16:25:24.987917 VIRTIO 3.1025 > 2.1234 CONNECT, length 76
16:25:24.987963 VIRTIO 2.1234 > 3.1025 CONNECT, length 76
16:25:26.568271 VIRTIO 3.1025 > 2.1234 PAYLOAD, length 82
16:25:26.568512 VIRTIO 2.1234 > 3.1025 CONTROL, length 76
16:25:28.411335 VIRTIO 3.1025 > 2.1234 DISCONNECT, length 76
16:25:28.411628 VIRTIO 2.1234 > 3.1025 DISCONNECT, length 76
For more information about vsock see:
http://wiki.qemu.org/Features/VirtioVsock
|
| |
|
|
|
|
|
| |
That means less duplication of functionality - and less chance that
XXX-over-IPv4 will be handled but XXX-over-IPv6 won't be handled, or
*vice versa*. (CARP and VRRP were being handled over IPv4 but not over
IPv6; this fixes that.)
|
| |\ |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This adds support for decoding the Broadcom Ethernet switches tags which
are are 4byte in length and are located between the Ethernet MAC SA and
the Type/Length field (DSA_TAG_BRCM) as well as the pre-pended Broadcom
tag (DSA_TAG_BRCM_PREPEND) which are located in front of the standard
Ethernet header.
This makes use of the recently introduced ether_print_hdr_len() to allow
specifying the non-standard Ethernet header length of 12 + 4 + 2 bytes.
|
| |/ |
|
| |
|
|
|
|
| |
My PC-BSD 9.1 VM, at least, has sys/capability.h but not sys/capsicum.h;
we now use sys/capsicum.h, so require it to be present (which it is in
FreeBSD 10 and later).
|
| | |
|
| |
|
|
|
| |
We now allow them, and require a compiler that supports them, so there's
no need to warn about them.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Index is displayed always, name only if available.
Warn about possible wrong interfaces when in reading mode
(pcap file can be displayed on a different host then where
was captured) [1].
See: GH the-tcpdump-group/libpcap#127
[1] https://lists.sandelman.ca/pipermail/tcpdump-workers/2018-July/001019.html
Signed-off-by: Petr Vorel <pvorel@suse.cz>
Suggested-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Denis Ovsienko <denis@ovsienko.info>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
| | |
|
