| |
When there is an error, print to stderr and exit with a non-0 status.
Otherwise print to stdout and exit with a status 0. See also tcpslice
commit 5015245.
| |
As explained in GH #155, when tcpdump is given -r, -w and -v and it
takes long enough to read from the input file (because it is stdin
connected through network or a pipe to stdout of another tcpdump doing
a live capture), pcap_loop() will error before long. One of the ways to
reproduce the fault is as follows:
    $ tcpdump -i eno1 -w - | tcpdump -r - -w /tmp/tmp.pcap -v
    tcpdump: listening on eno1, link-type EN10MB (Ethernet), snapshot length 262144 bytes
    reading from file -, link-type EN10MB (Ethernet), snapshot length 262144
    tcpdump: pcap_loop: error reading dump file: Interrupted system call
Skip the verbose_stats_dump() timer setup in this specific corner case
for the time being and document it.
| |
All the link-layer dissectors are now void functions.
All the functions were moved to the void_printers[] array.
Rename this array to printers[].
Remove the uint_printers[] array, now empty.
Remove the 'ndo_void_printer' flag field, now useless, from
netdissect_options.
Remove other transitional code.
| |
The -v (verbose) option can be repeated more than two times.
[skip ci]
| |
This may help to understand some bug reports.
Moreover:
s/CLang/Clang/
[skip ci]
| |
[skip ci]
| |
This allows tcpdump to handle DNS running on non-standard ports.
Add two test files with DNS over TCP and DNS over UDP, port 8053.
| |
This change adds an option to print only on stderr the packet count
when reading capture file(s) instead of parsing/printing the packets.
If a filter is specified on the command line, tcpdump counts only
packets that were matched by the filter expression.
The option name is '--count'.
| |
Hopefully, that will make sure we don't optimize away anything that
will, for example, cause us not to do things differently on 32-bit x86
using the x87 instructions.
| |
It's All Very Complicated, so mirror what print-lmp.c does - just do a
calculation based on a particular input value and print the result using
the same format print-lmp.c does, and have tests/TESTrun see what that
result is.
Just do that inside tcpdump.c, so we don't need the fptype stuff.
| |
Add a --fp-type flag to tcpdump, which causes it to do a floating-point
operation and, based on the result of the operation, prints out
"FPTYPE{n}", where {n} is a number indicating the result.
Have tests/TESTrun run "./tcpdump --fp-type" and set a HAVE_ key based
on that. Run some tests only for FPTYPE1.
| |
That means that we do some buffering of packets. It also means we don't
depend on the immediate-mode APIs being available.
While we're at it, use the short timeout if we're doing text output in
"line-buffered mode" as well as if we're doing it to a terminal.
| |
If you call pcap_activate() and it fails, you still have a pcap_t from
pcap_create(), and should close it.
Moving the code after the error() calls doesn't make a difference, as
error() exits, but it may make it clearer to those reading tcpdump.c for
help in figuring out how to use libpcap that you should close the pcap_t
if pcap_activate() fails.
(In the future, there may also be the option of changing some options
and trying again, e.g. changing the user name or password for a remote
capture.)
| |
- the print routines for different ptp messages
- test completed for sync message, announce message, delay request message,
delay response message and follow up message.
- integration of the ptp v2 code with the tcpdump code.
Signed-off-by: Partha S. Ghosh <psglinux@gmail.com>
| |
The only function tcpdump used in libdnet was dnet_htoa(), which tries
to translate a binary DECnet address to a nodename through a lookup in
/etc/decnet.conf. The translation is slow and has a bug, so stop using
the function and remove the dependency on libdnet.
This makes tcpdump always print DECnet addresses in numeric format, if
anybody needs the translation back they are welcome to fix libdnet or
(more realistically) add an implementation of dnet_htoa() to the tcpdump
source code and use it.
(This is a forward-port of commit 9a6eb27 from tcpdump-4.9 to master.
Sadly, together with libdnet this change removes the fine work that Guy
had done in the master branch in commits ebf3f19 and 4ef8d63 to put
libdnet usage right whilst my original "do not use libdnet" commit was
aging in the pipeline.)
| |
This change fixes CVE-2018-14879.
get_next_file() did not check the return value of strlen() and
underflowed an array index if the line read by fgets() from the file
started with \0. This caused an out-of-bounds read and could cause a
write. Add the missing check.
This vulnerability was discovered by Brian Carpenter & Geeknik Labs.
Cherry picked from 9ba91381954ad325ea4fd26b9c65a8bd9a2a85b6
in 4.9 branch.
| |
We require an environment with a C99-compatible snprintf(), so we don't
need to work around older implementations. Make the configuration
process fail if we don't have snprintf() and vsnprintf().
We require at least VS 2015, so we don't have to check for _MSC_VER >=
1400. Make the build fail if we don't have at least VS 2015.
We apparently do, however, have to use __inline, as the VS 2015
documentation doesn't mention plain old "inline". Update a comment.
| |
./tcpdump.c:1951:13: warning: assigning to 'char *' from 'const char [7]'
discards qualifiers [-Wincompatible-pointer-types-discards-qualifiers]
username = WITH_USER;
^ ~~~~~~~~~
| |
No chroot on Windows.
The warning was:
C:\projects\tcpdump\tcpdump.c(1450): warning C4189: 'chroot_dir':
local variable is initialized but not referenced
| |
./tcpdump.c:1940:15: warning: assigning to 'char *' from 'const char [5]'
discards qualifiers [-Wincompatible-pointer-types-discards-qualifiers]
chroot_dir = WITH_CHROOT;
^ ~~~~~~~~~~~
| |
./tcpdump.c:1731:23: warning: implicit conversion loses integer precision:
'long' to 'int' [-Wshorten-64-to-32]
ndo->ndo_snaplen = strtol(optarg, &end, 0);
~ ^~~~~~~~~~~~~~~~~~~~~~~
| |
The warning was:
./tcpdump.c:1059:7: warning: implicit conversion loses integer precision:
'ssize_t' (aka 'long') to 'int' [-Wshorten-64-to-32]
cc = read(fd, cp, (u_int)buf.st_size);
~ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
Add shortcuts for setting time stamp precision
| | |
Add two shortcuts (as long-options) for setting the time stamp
precision: --micro and --nano. While adding these options, reshuffle
the usage message to group up the options related to time stamp, and
removing the macro TIME_STAMP_PRECISION_USAGE.
If setting the time stamp precision is not supported by the available
libpcap, the usage won't mention these options (including
--time-stamp-precision), but they will still be presented in the
manpage.
| |
The warning was:
./tcpdump.c:182:5: warning: no previous extern declaration for non-static
variable 'dflag' [-Wmissing-variable-declarations]
| |
Current included header `sys/capability.h` is deprecated. All
supported FreeBSD versions have now the proper header `sys/capsicum.h`
| |
Moreover:
Fix a space.
| |
s/capture size/snapshot length/
It's a follow-up to 8a54b2483b.
| |
If you're accumulating the lengths of strings, as returned by strlen(),
and passing the result to malloc(), it should be accumulated in a
size_t.
| |
That's what we did for win_ether_ntohost.h.
| |
Using seconds offset from GMT to local time to compute local time gives
errors when printing times outside the same daylight saving time period.
Use the localtime() function for default and -tttt cases.
Use the gmtime() function for -ttt and -ttttt cases.
Rename ts_hmsfrac_print() to ts_date_hmsfrac_print().
Remove some variables now useless.
Update some comments.
| |
Previously would silently accept any of "host", "adapter", or
"adapter_unsynced" regardless of whether the interface supported
the option.
| |
Some variables are used only if certain pcap APIs are available; don't
define them if the APIs aren't available.
We don't define show_tstamp_types_and_exit() unless we have
pcap_set_tstamp_type(); don't declare it if we don't define it.
| |
Index is displayed always, name only if available.
Warn about possible wrong interfaces when in reading mode
(pcap file can be displayed on a different host than where
it was captured) [1].
See: GH the-tcpdump-group/libpcap#127
[1] https://lists.sandelman.ca/pipermail/tcpdump-workers/2018-July/001019.html
Signed-off-by: Petr Vorel <pvorel@suse.cz>
Suggested-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Denis Ovsienko <denis@ovsienko.info>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
| |
From Linux manual page of capng_change_id():
Note: the only safe action to do upon failure of this function is to
probably exit. This is because you are likely in a situation with
partial permissions and not what you intended.