User interface:
Add optional unit suffix on -C file size.
Add --print-sampling to print every Nth packet instead of all.
+ Add --lengths option to print the captured and original packet lengths.
Source code:
Use %zu when printing a sizeof to squelch compiler warnings
Remove unused missing/snprintf.c.
jmp_buf ndo_early_end; /* jmp_buf for setjmp()/longjmp() */
void *ndo_last_mem_p; /* pointer to the last allocated memory chunk */
int ndo_packet_number; /* print a packet number in the beginning of line */
+ int ndo_lengths; /* print packet header caplen and len */
int ndo_print_sampling; /* print every Nth packet */
int ndo_suppress_default_print; /* don't use default_print() for unknown packet types */
int ndo_tstamp_precision; /* requested time stamp precision */
if (ndo->ndo_packet_number)
ND_PRINT("%5u ", packets_captured);
+ if (ndo->ndo_lengths)
+ ND_PRINT("caplen %u len %u ", h->caplen, h->len);
+
/* Sanity checks on packet length / capture length */
if (h->caplen == 0) {
invalid_header = 1;
.B \-j
.I tstamp_type
]
+.ti +8
+[
+.BI \-\-lengths
+]
[
.B \-m
.I module
might support 802.11 headers, or 802.11 headers with radio information,
only in monitor mode).
.TP
+.BI \-\-lengths
+Print the captured and original packet lengths.
+The lengths are printed at the beginning of the line or after the packet
+number, if any.
+\fIcaplen\fP is the captured packet length (See \fB-s\fP option).
+\fIlen\fP is the original (on wire) packet length.
+.TP
.BI \-m " module"
Load SMI MIB module definitions from file \fImodule\fR.
This option
#define OPTION_FP_TYPE 135
#define OPTION_COUNT 136
#define OPTION_PRINT_SAMPLING 137
+#define OPTION_LENGTHS 138
static const struct option longopts[] = {
#if defined(HAVE_PCAP_CREATE) || defined(_WIN32)
{ "number", no_argument, NULL, '#' },
{ "print", no_argument, NULL, OPTION_PRINT },
{ "print-sampling", required_argument, NULL, OPTION_PRINT_SAMPLING },
+ { "lengths", no_argument, NULL, OPTION_LENGTHS },
{ "version", no_argument, NULL, OPTION_VERSION },
{ NULL, 0, NULL, 0 }
};
#ifdef HAVE_PCAP_FINDALLDEVS_EX
-#define LIST_REMOTE_INTERFACES_USAGE "[ --list-remote-interfaces remote-source ]"
+#define LIST_REMOTE_INTERFACES_USAGE " [ --list-remote-interfaces remote-source ]"
#else
#define LIST_REMOTE_INTERFACES_USAGE
#endif
ndo->ndo_packet_number = 1;
break;
+ case OPTION_LENGTHS:
+ ndo->ndo_lengths = 1;
+ break;
+
case OPTION_VERSION:
print_version(stdout);
exit_tcpdump(S_SUCCESS);
"\t\t[ -i interface ]" IMMEDIATE_MODE_USAGE j_FLAG_USAGE "\n");
#ifdef HAVE_PCAP_FINDALLDEVS_EX
(void)fprintf(f,
-"\t\t" LIST_REMOTE_INTERFACES_USAGE "\n");
+"\t\t[ --lengths ]" LIST_REMOTE_INTERFACES_USAGE "\n");
#endif
#ifdef USE_LIBSMI
(void)fprintf(f,
dns_udp_8053 dns_udp_8053.pcap dns_udp_8053.out -vv
dns_udp_8053-T dns_udp_8053.pcap dns_udp_8053-T.out -vv -T domain
+# test with --lengths option
+dns_udp_2--lengths dns_udp_2.pcap dns_udp_2.out --lengths -vv
+
# DNSSEC from https://bugzilla.redhat.com/show_bug.cgi?id=205842, -vv exposes EDNS DO
dnssec-vv dnssec.pcap dnssec-vv.out -vv
--- /dev/null
+ 1 caplen 98 len 98 09:37:33.129402 IP (tos 0x0, ttl 64, id 22989, offset 0, flags [none], proto UDP (17), length 84)
+ 192.168.1.11.43966 > 209.87.249.18.53: [udp sum ok] 22836+ [1au] A? www.tcpdump.org. ar: . OPT UDPsize=4096 [COOKIE 42f5d00996f90b13] (56)
+ 2 caplen 98 len 266 09:37:33.259762 IP (tos 0x0, ttl 128, id 45, offset 0, flags [none], proto UDP (17), length 252)
+ 209.87.249.18.53 > 192.168.1.11.43966: 22836*- q: A? www.tcpdump.org. 2/2/5 www.tcpdump.org. A 192.139.46.66, www.tcpdump.org. [|domain]
projects / tcpdump / commitdiff
