| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
not a full decoder, uses default print
reference: http://standards.ieee.org/develop/regauth/ethertype/eth.txt
|
| |
|
|
|
|
|
| |
The sample capture was produced with two Linux hosts (aoetools version
36, kernel module version 85, vblade version 21). One of the hosts
exported a 1MB block device containing a freshly created filesystem and
the other mounted it, wrote a small file and then unmounted.
|
| |
|
|
|
|
|
|
|
| |
And, as we require at least autoconf 2.61, and as autoconf 2.61 and
later have AC_TYPE_UINTn_T and AC_TYPE_INTn_T macros, we use them to
define the uintN_t and intN_t macros if the system doesn't define them
for us.
This lets us get rid of bitypes.h as well.
|
| |
|
|
|
|
|
|
| |
Have them take a netdissect_options * argument, and get the "no name
resolution" flag from it.
Move the declaration of dnaddr_string to addrtoname.h, along with the
other XXX-to-string routines.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Eliminate a number of fputs(), putchar() and fflush() uses. Justify
preprocessor directives. Don't typecast ND_PRINT() to void and fix some
indentation.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
This change converts ZeroMQ, IPX, MPLS, IPv6 options, PPPoE, RIPng,
PFLOG and Sun RPC decoders.
|
| |
|
|
|
|
|
|
|
|
| |
Both interface.h and netdissect.h include <pcap.h>, thus most files
should not include it regardless if these need it or not. The only
exceptions so far remain:
* addrtoname.c
* missing/datalinks.c
* missing/dlnames.c
* tcpdump.c
|
| |
|
|
|
|
|
| |
tcpdump used to print an empty line for a Loopback (CTP) packet, which
many Cisco switches send by default every 10 seconds. This commit adds
a decoder for the protocol and a test case, which uses the sample
capture from Wireshark wiki (configuration_test_protocol_aka_loop.pcap).
|
| |
|
|
|
|
| |
Remove lots of $Header's and a few $Id's that all belong to the former
CVS repository of tcpdump itself. These keywords have been frozen since
the migration to git in late 2008.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
The protocol is undocumented but Wireshark extracts some useful bits of
info from the packet, so it was used as a reference.
|
| |
|
|
| |
Reviewed-and-much-modified-by: Guy Harris <guy@alum.mit.edu>
|
| |
|
|
|
| |
That makes the names a bit shorter, and mentions the specific Hilscher
product to which they apply.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of having the Ethernet-type handler process the VLAN and Alteon
jumbo frame Ethernet type values, process them in the Ethernet (and
Linux cooked-mode) dissectors. This makes it easier for the right MAC
addresses to be printed for those packets.
As part of that, rename ether_encap_print() to ethertype_print() - it
doesn't print encapsulated Ethernet frames, it prints payloads whose
packet type is indicated by an Ethernet type field value - and remove
the no-longer-needed "extracted Ethernet type" argument. That also lets
us eliminate it from the SNAP print routine.
Make ether_print() take a function, and an argument to pass to that
function, as parameters, so that, for example, the ATM LANE printer can
use it and put the LEC ID into the link-layer headeer printout.
|
| |
|
|
|
|
|
|
| |
Use the EXTRACT_ macros to extract multi-byte integral values from
packets, rather than just dereferencing pointers into the packet; there
is no guarantee that the packet data will be aligned on the right
boundary, and there is no guarantee that, if they're not, a direct
access will work correctly.
|
| |
|
|
| |
3Com hardware uses.
|
| |
|
|
| |
ethertype in GRE.
|
| |
|
|
| |
OpenRRCP.org.ru for details).
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
having its callers do so - some of its callers *weren't* doing so,
leaving random junk in that argument in some cases.
When checking for "802.3-encapsulated" IPX, check the raw values of the
SSAP and DSAP for 0xFF, don't check them after the low-order bit has
been masked off.
The "flag" values in the LLC header aren't bits, they're combinations of
bits, including the combination "no bits"; don't use "bittok2str()" on
them. Also, combine the proper bits, namely the C/R bit (which we
weren't combining) and the P/F bit (which we were).
|
| | |
|
| |
|
|
|
|
|
|
| |
link-layer print routines if no other print routine claimed the packet.
Test whether that flag is set rather than testing whether neither of -x
or -q were specified, and have -x, -q, *and* -X set that flag, so that
-X suppresses it just as -x does. That way you don't get those pckets
dumped twice if -X was specified.
|
| | |
|
| | |
|
| |
|
|
| |
more easily call the inner parts.
|
| |
|
|
|
|
|
| |
-add the rfc 2684 PIDs as pseudo ethertypes
-display cosmetics:
place a ":" after the LLC printer to indicate that
a new proto layer starts
|
| |
|
|
|
| |
- call the IP6, IPX, ATALK, MPLS dissectors within the GRE dissector
- be more verbose about the GRE proto-id (hidden under the eflag)
|
| | |
|
| | |
|
