| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
On Haiku R1/beta4 "make check" failed the "nglog-e" test case because
the printer did not recognize address family 2 as IPv4:
- 1 18:31:59.615994 version 0, resource ID 20, family IPv4 (2),
+ 1 18:31:59.615994 version 0, resource ID 20, family Unknown (2),
Fix print-nflog.c to use the wire encoding AF code points rather than
the OS libc AF constants. This fixes "make check" on Haiku and likely
fixes IPv6 NFLOG decoding on a few non-Linux OSes.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Moreover:
Remove trailing "_if" from protocol name.
|
| | |
|
| |
|
|
| |
This reverts commit 5ed759e023e20831a675d1432e12b08061ab1d08.
|
| |\
| |
| | |
Print attributes from NFLOG message
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
print MARK,PREFIX attributes
print HOOK,UID,GID,IFINDEX_INDEV,IFINDEX_OUTDEV,
IFINDEX_PHYSINDEV,IFINDEX_PHYSOUTDEV attributes if -v
print HWHEADER attributes if -vv
print other attributes w/o decode if -vvv
Аdding nflog_print.pcap for testing
|
| | |
| |
| |
| |
| |
| |
| | |
The exceptions are currently:
Some EXTRACT_ in print-juniper.c, not used on packet buffer pointer.
An EXTRACT_BE_U_3 in addrtoname.c, not always used on packet buffer
pointer.
|
| | |
| |
| |
| |
| |
| | |
Because packet length (length) >= capture length (caplen).
(see the sanity checks in print.c, pretty_print_packet() function)
|
| | |
| |
| |
| | |
[skip ci]
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It's not specified by a libpcap header that might have a different
layout in different pcap releases, it's specified on the list of
link-layer header types and must remain the same forever (except for
getting additional bits defined), so we don't need to pick it up from
libpcap.
This means we get to use tcpdump's nd_ types; do so.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Remove the tstr[] strings.
Update the output of some tests accordingly.
Moreover:
Add or update some ndo_protocol fields.
|
| | | |
|
| | |
| |
| |
| |
| | |
Update this field in printer entry functions.
It will be used for some printings.
|
| | |
| |
| |
| |
| |
| | |
Moreover:
Add and use tstr[].
Reduce the scope of the variable 'tlv'.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
It was mostly used with large functions.
Moreover:
Put some function definition names at the beginning of line.
Fix a space.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This can prevent bizarre failures if, for example, you've done a
configuration in the top-level source directory, leaving behind one
config.h file, and then do an out-of-tree build in another directory,
with different configuration options. This way, we always pick up the
same config.h, in the build directory.
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| | |
Moreover:
Remove some redundant comments
Update some summary comments
Update the specification URL for ATA over Ethernet (AoE) protocol
|
| |/
|
|
|
|
|
|
|
|
| |
!(nfhdr->nflog_version) is equivalent to (nfhdr->nflog_version == 0).
That will evaluate to 1 if nfhdr->nflog_version is 0 and to 0 otherwise.
So !(nfhdr->nflog_version) == 0 is equivalent to nfhdr->nflog_version != 0,
but 1) it's more obvious what it means and 2) compilers don't point out
that it may not mean what you intended.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Have our own routines to convert between IPv4/IPv6 addresses and
strings; that helps if, for example, we want to build binary versions of
tcpdump for Windows that can run both on NT 5 (W2K/WXP), which doesn't
have inet_ntop() or inet_pton(), and NT 6 (Vista/7/8/10), which do. It
also means that we don't require IPv6 library support on UN*X to print
addresses (if somebody wants to build tcpdump for older UN*Xes lacking
IPv6 support in the system library or in add-on libraries).
Get rid of files in the missing directory that we don't need, and
various no-longer-necessary autoconf tests.
|
| |
|
|
| |
Get the full log via: git log --follow netdissect-stdinc.h
|
| | |
|
| |
|
|
|
|
|
| |
The purpose of this macro was to enable the file-by-file switch to NDO,
after which only tcpdump.c had a use of it and the definitions guarded
by it. Update tcpdump.c not to require them any more and dismiss the
unused definitions.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Always define and declare ip6_print(), always compile print-ip6.c, and
always call it if we recognize a payload as IPv6. If INET6 isn't
defined, ip6_print() will just print the length and note that printing
isn't supported.
That way, we don't do weird dissection of IPv6 packets on systems
without IPv6 support, due to, for example, ethertype_print() returning 0
("not dissected") for IPv6 packets on those systems (IPv6-over-Frame
Relay was dissected weirdly due to this).
|
| | |
|
| |
|
|
|
|
|
|
|
| |
And, as we require at least autoconf 2.61, and as autoconf 2.61 and
later have AC_TYPE_UINTn_T and AC_TYPE_INTn_T macros, we use them to
define the uintN_t and intN_t macros if the system doesn't define them
for us.
This lets us get rid of bitypes.h as well.
|
| |
|
|
|
|
|
|
| |
Have them take a netdissect_options * argument, and get the "no name
resolution" flag from it.
Move the declaration of dnaddr_string to addrtoname.h, along with the
other XXX-to-string routines.
|
| | |
|
| |
|
|
|
| |
Update the already converted decoders to define the macro and to include
interface.h instead of netdissect.h. Fix incurred compile errors.
|
| |
|
|
| |
Don't include unneeded headers and replace a few remaining printf's.
|
| |
|
|
|
|
|
|
|
|
| |
Both interface.h and netdissect.h include <pcap.h>, thus most files
should not include it regardless if these need it or not. The only
exceptions so far remain:
* addrtoname.c
* missing/datalinks.c
* missing/dlnames.c
* tcpdump.c
|
| |
|
|
|
|
|
|
|
| |
We want to process TLVs until we run out of data, so make the main loop
condition "length > 0". Break out of the loop if we see an
NFULA_PAYLOAD TLV.
Add in a bunch of length checks, and make those and existing length
checks report "[|nflog]".
|
| |
|
|
|
|
|
|
|
|
| |
Use the header file for information about LINKTYPE_NFLOG files.
Don't build the NFLOG printer if we don't have that header file.
Fix some checks for pcap/XXX.h header files to look for
"tcpdump-stdinc.h" rather than <tcpdump-stdinc.h>, so that we don't fail
to find that header.
|
| |
|
|
|
|
| |
For headers included in only one source file, put the header contents in
the source file in question, and get rid of a bunch of stuff from the
header not used in the source file.
|
| | |
|
| |
|
|
| |
Reduce pointer conversion and do version check before header decoding.
|
| | |
|
| |
|
|
|
|
| |
Make sure all of them are declared const and most of them -- static.
Proper declaration of token arrays is a common review point for new code
that is based on existing decoders. Thus fix the issue at its root.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This change removes detection of linux/netfilter/nfnetlink_log.h, which
was only used to provide two constants. The constants are now defined in
print-nflog.c, making it possible to compile (and test) the NFLOG
decoder on all systems, not only Linux.
There is now a test case for the decoder, it was produced on a Linux
host with:
iptables -A INPUT -p udp --source 74.82.42.42 -j NFLOG --nflog-group 20
dig @74.82.42.42 ...
|
| |
|
|
|
|
| |
Added nflog.h to Makefile.in
Alphabetical order in Makefile.in
|
| |
|
|
|
|
| |
Clean up white space, just add 104 (the length of the NFLOG header) to
the pointer, and return the length of the NFLOG header from
nflog_if_print(). Mark the caplen argument to nflog_print() as unused.
|
| |
|
