| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
| |
This change converts IGMP, IPv6 mobility options, LDP, Lightweight
Access Point, PGM, PPTP and RIP decoders.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This change moves the macros to tcpdump-stdinc.h to make sure these are
available without interface.h. It also dismisses two redundant macros
MIN() and SMBMIN(). It is intended to fix the following Solaris compile
error:
Undefined first referenced
symbol in file
MIN print-zeromq.o
|
|
|
|
|
| |
This change converts ZeroMQ, IPX, MPLS, IPv6 options, PPPoE, RIPng,
PFLOG and Sun RPC decoders.
|
|
|
|
|
| |
Introduce netdissect_options into hex_and_ascii_print_with_offset(),
hex_and_ascii_print() and related functions.
|
|
|
|
|
| |
This change converts decoders for: DLT_RAW, IPv6 routing header, USB,
Symantec firewall and cHDLC.
|
| |
|
| |
|
| |
|
|
|
|
|
| |
Update Apple's IP over IEEE1394, Bluetooth, CALM/FAST, IPv6 fragments
and LAN emulation decoders. Remove some stray passages while at it.
|
| |
|
| |
|
|
|
|
|
|
|
| |
The prototype and implementation of 'zmtp1_print_datagram()' is slightly
different; the prototype has a 'const u_int len' as the last parameter.
Whereas the implementation has no 'const'. Hence I get a warning from
MSVC.
|
| |
|
|
|
|
| |
Also remove some unneeded includes while at it.
|
|
|
|
| |
Also remove some unnecessary passages.
|
|
|
|
|
| |
The only purpose of that header file was to provide two declarations
that now fit interface.h same well.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
That should prevent optimizing the memcpy into code that assumes
alignment.
Add unaligned_memcmp(), and use it, as well.
|
|
|
|
|
|
|
|
|
|
|
| |
It appears that some C compilers will inline safememcpy() *and* will, as
a result, optimize to assume alignment it if it's passed a
putatively-aligned pointer. As the pointers in question are not
guaranteed to be aligned, that can cause crashes on, for example, SPARC.
Also, rename the function to unaligned_memcpy(), to clarify what's
"safe" about it, and change some direct memcpy() calls to use it as
well.
|
| |
|
|
|
|
|
|
| |
Remove lots of $Header's and a few $Id's that all belong to the former
CVS repository of tcpdump itself. These keywords have been frozen since
the migration to git in late 2008.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
Add new decoder for UDP port 5359 and a sample packet capture produced
on a couple of Linux hosts (a server and a client). Besides that, an
existing Babel capture contained AHCP packets and the current AHCP tests
cover 0, 1 and 2 "-v" flags.
|
|
|
|
| |
dst/src addresses
|
|
|
|
|
|
|
|
|
|
|
| |
The Link Management Protocol version 1 sample capture added to the tests
directory in commit 212eef2 was produced using non-standard UDP port
49998. Later assignment of port 701 reflected in commit 960aee5 made it
impossible to decode the capture.
This change adds a -T override for LMP, uses it to replace the broken
test with two working tests and dismisses the custom test script,
lmp.sh.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Don't assume we have <stdint.h>. Instead, use the AC_TYPE_ macros to
ensure we have the C99 intN_t and uintN_t types; we already include
<inttypes.h> in tcpdump-stdinc.h iff we have it.
Get rid of the structure declarations in openflow-1.0.h, as they have
zero-length arrays (not supported by all the compilers people might be
using) and as
1) they're only used in sizeof()
and
2) after each one there's an assertion to check that sizeof()
returns a specific numerical value
so, instead, just #define various _LEN items to those numerical values
and use them.
Add an openflow.h header with a #define for the length of the basic
header, and move the declaration of of10_header_body_print() there.
|
|\
| |
| |
| | |
Pull changes from the GitHub repository.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The new file openflow-1.0.h is a verbatim copy of the file openflow.h
from the openflow-1.0.0.tar.gz distribution. The new file
print-openflow-1.0.c contains a set of functions for OpenFlow 1.0 (wire
protocol 0x01) decoding. Of these functions only
of10_header_body_print() is exported and used by the minimal OpenFlow
decoder.
It is intended that future (1.1, 1.2, 1.3.0) OpenFlow version decoders
are implemented the same way (in modules of their own), since different
versions of OpenFlow specification reuse the same symbols for different
numeric values. This way, print-openflow-1.1.c would include
openflow-1.1.h and so on.
The new test case "of10_p3295-vv" was produced using a Pica8 P-3295
switch and Trema controller running a purpose-built sample application.
|
| |
| |
| |
| |
| |
| |
| | |
This change registers OpenFlow TCP port number and adds processing of
respective packets with openflow_print(), a new function that
understands the minimal OpenFlow header format and can iterate over
messages within a snapshot that starts with the header.
|
|/
|
|
|
|
|
|
|
|
| |
Some versions of Sun C support __attribute__ but don't support the
"unused" or "format" attributes - they don't fail, but they whine a lot.
They also support the "noreturn" attribute, but don't allow it to be
applied to function pointers, only to functions.
Check whether they can be used without warnings, and use them only if
they can.
|
|
|
|
|
|
|
|
|
| |
Added:
* option length check
* option type and TCP flags check
* more information printed
Signed-off-by: Gregory Detal <gregory.detal@uclouvain.be>
|
|
|
|
|
|
|
|
|
| |
This commit adds the support of Multipath TCP (MPTCP). MPTCP is a new
extension to TCP standardized at the IETF. MPTCP allows to use several IP
addresses at the same time by distributing data across several subflows (TCP
connections) while still presenting the standard TCP socket API to the
application. Its benefits are better resource utilization, better throughput
and smoother reaction to failures.
|
|
|
|
|
|
|
|
|
|
|
| |
This change adds new code to decode ZeroMQ datagrams, couples it with
the PGM decoder and extends the -T option to make all this work.
There are two new test cases based on existing captures of ZMTP/1.0
inside [E]PGM to decode the ZMTP/1.0 part of these.
This functionality enables decoding of the traffic zeromq library
produces for "pgm://" and "epgm://" protocol schemas.
|
|
|
|
|
|
|
|
|
| |
The original PGM uses its own IP protocol number. "EPGM" or "PGM/UDP"
stands for UDP-encapsulated PGM, which has no assigned UDP port number
and can be decoded only by means of -T option, which now accepts "pgm"
protocol type for this purpose. There is also a sample capture of EPGM
now (similar to the one of native PGM, but produced using the "epgm://"
protocol schema) and a respective test case.
|
|
|
|
|
| |
They doesn't use their third argument, and they aren't being passed a
third argument, so get rid of that argument.
|
|
|
|
| |
- Use the packettype infrastructure (-T vxlan) for VXLAN parsing (waiting for a well known dest port)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change adds support for ZMTP/1.0 (ZeroMQ Message Transport Protocol
1.0) framing in TCP packets, as defined in http://rfc.zeromq.org/spec:13
and implemented in zeromq library.
Since there is no assigned port number for ZeroMQ, the user is left
responsible for making only the related TCP packets captured and
enforcing ZMTP/1.0 decoding through the "-T zmtp1" option.
Each ZMTP/1.0 frame of a packet will produce a single additional line of
output. The "-v" flag will add up to 8 lines (128 bytes) worth of
hex+ASCII dump of the frame body, and "-vv" and higher will dump the
full frame body, however long.
Beware that this code handles neither IP fragmentation nor TCP
segmentation and will incorrectly decode segments not starting at a
frame boundary.
The included sample capture stands for a short ZeroMQ session between a
REQ/REP socket pair doing 3 anonymous 2-way exchanges. It was produced
using version 2.1.9 of zeromq library patched to fix its bug #293, so
that all MBZ bits of the flags field are set to 0.
|
| |
|
|
|
|
|
|
|
|
| |
This allows tcpdump to handle RADIUS running on non-standard ports.
Submitted-By: ssb@sourceforge.net
Man page also updated by me.
|
|
|
|
|
|
|
| |
The most notable difference between RFC5006 and RFC6106 is the addition
of DNSSL RA option. This commit adds DNSSL handling code to make tcpdump
fully RFC6106-aware. This code has been tested against RA packets
generated by Quagga and radvd.
|