print-slow.c
print-smtp.c
print-snmp.c
+ print-ssh.c
print-stp.c
print-sunatm.c
print-sunrpc.c
print-slow.c \
print-smtp.c \
print-snmp.c \
+ print-ssh.c \
print-stp.c \
print-sunatm.c \
print-sunrpc.c \
extern void rx_print(netdissect_options *, const u_char *, u_int, u_int, u_int, const u_char *);
extern void sctp_print(netdissect_options *, const u_char *, const u_char *, u_int);
extern void sflow_print(netdissect_options *, const u_char *, u_int);
+extern void ssh_print(netdissect_options *, const u_char *, u_int);
extern void sip_print(netdissect_options *, const u_char *, u_int);
extern void slow_print(netdissect_options *, const u_char *, u_int);
extern void smb_data_print(netdissect_options *, const u_char *, u_int);
--- /dev/null
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code
+ * distributions retain the above copyright notice and this paragraph
+ * in its entirety, and (2) distributions including binary code include
+ * the above copyright notice and this paragraph in its entirety in
+ * the documentation or other materials provided with the distribution.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND
+ * WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT
+ * LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE.
+ */
+
+/* \summary: Secure Shell (SSH) printer */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include "netdissect-stdinc.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "netdissect.h"
+#include "extract.h"
+
+static int
+ssh_print_version(netdissect_options *ndo, const u_char *pptr, u_int len)
+{
+ u_int idx = 0;
+ const char *pnp;
+
+ if ( GET_U_1(pptr+idx) != 'S' )
+ return 0;
+ idx++;
+ if ( GET_U_1(pptr+idx) != 'S' )
+ return 0;
+ idx++;
+ if ( GET_U_1(pptr+idx) != 'H' )
+ return 0;
+ idx++;
+ if ( GET_U_1(pptr+idx) != '-' )
+ return 0;
+ idx++;
+
+ while (idx < len) {
+ if (GET_U_1(pptr + idx) == '\n') {
+ /*
+ * LF without CR; end of line.
+ * Skip the LF and print the line, with the
+ * exception of the LF.
+ */
+ goto print;
+ } else if (GET_U_1(pptr + idx) == '\r') {
+ /* CR - any LF? */
+ if ((idx+1) >= len) {
+ /* not in this packet */
+ goto trunc;
+ }
+ if (GET_U_1(pptr + idx + 1) == '\n') {
+ /*
+ * CR-LF; end of line.
+ * Skip the CR-LF and print the line, with
+ * the exception of the CR-LF.
+ */
+ goto print;
+ }
+
+ /*
+ * CR followed by something else; treat this as
+ * if it were binary data and don't print it.
+ */
+ goto trunc;
+ } else if (!isascii(GET_U_1(pptr + idx)) ||
+ !isprint(GET_U_1(pptr + idx)) ) {
+ /*
+ * Not a printable ASCII character; treat this
+ * as if it were binary data and don't print it.
+ */
+ goto trunc;
+ }
+ idx++;
+ }
+trunc:
+ return -1;
+print:
+ ND_PRINT(": ");
+ /* Capitalize the protocol name */
+ for (pnp = ndo->ndo_protocol; *pnp != '\0'; pnp++)
+ ND_PRINT("%c", ND_TOUPPER((u_char)*pnp));
+ ND_PRINT(": %.*s", (int)idx, pptr);
+ return idx;
+}
+
+void
+ssh_print(netdissect_options *ndo, const u_char *pptr, u_int len)
+{
+ ndo->ndo_protocol = "ssh";
+
+ ssh_print_version(ndo, pptr, len);
+}
pptp_print(ndo, bp);
else if (IS_SRC_OR_DST_PORT(REDIS_PORT))
resp_print(ndo, bp, length);
+ else if (IS_SRC_OR_DST_PORT(SSH_PORT))
+ ssh_print(ndo, bp, length);
#ifdef ENABLE_SMB
else if (IS_SRC_OR_DST_PORT(NETBIOS_SSN_PORT))
nbt_tcp_print(ndo, bp, length);
#ifndef FTP_PORT
#define FTP_PORT 21
#endif
+#ifndef SSH_PORT
+#define SSH_PORT 22
+#endif
#ifndef TELNET_PORT
#define TELNET_PORT 23
#endif
rtp-seg-fault-1 rtp-seg-fault-1.pcapng rtp-seg-fault-1.out -v -T rtp
rtp-seg-fault-2 rtp-seg-fault-2.pcapng rtp-seg-fault-2.out -v -T rtp
+# SSH tests
+ssh ssh.pcap ssh.out
+
# NFS tests
nfs-write-verf-cookie nfs-write-verf-cookie.pcapng nfs-write-verf-cookie.out -vv
1 22:04:33.999279 IP 20.0.0.2.43443 > 20.0.0.1.6081: Geneve, Flags [none], vni 0xb: IP 30.0.0.2.51225 > 30.0.0.1.22: Flags [S], seq 397610159, win 14600, options [mss 1460,sackOK,TS val 2876069566 ecr 0,nop,wscale 7], length 0
2 22:04:33.999327 IP 20.0.0.1.22540 > 20.0.0.2.6081: Geneve, Flags [C], vni 0xa, options [8 bytes]: IP 30.0.0.1.22 > 30.0.0.2.51225: Flags [S.], seq 2910871522, ack 397610160, win 28960, options [mss 1460,sackOK,TS val 84248969 ecr 2876069566,nop,wscale 7], length 0
3 22:04:33.999513 IP 20.0.0.2.43443 > 20.0.0.1.6081: Geneve, Flags [none], vni 0xb: IP 30.0.0.2.51225 > 30.0.0.1.22: Flags [.], ack 1, win 115, options [nop,nop,TS val 2876069566 ecr 84248969], length 0
- 4 22:04:34.006164 IP 20.0.0.1.22540 > 20.0.0.2.6081: Geneve, Flags [C], vni 0xa, options [8 bytes]: IP 30.0.0.1.22 > 30.0.0.2.51225: Flags [P.], seq 1:40, ack 1, win 227, options [nop,nop,TS val 84248971 ecr 2876069566], length 39
+ 4 22:04:34.006164 IP 20.0.0.1.22540 > 20.0.0.2.6081: Geneve, Flags [C], vni 0xa, options [8 bytes]: IP 30.0.0.1.22 > 30.0.0.2.51225: Flags [P.], seq 1:40, ack 1, win 227, options [nop,nop,TS val 84248971 ecr 2876069566], length 39: SSH: SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1
5 22:04:34.006357 IP 20.0.0.2.43443 > 20.0.0.1.6081: Geneve, Flags [none], vni 0xb: IP 30.0.0.2.51225 > 30.0.0.1.22: Flags [.], ack 40, win 115, options [nop,nop,TS val 2876069573 ecr 84248971], length 0
- 6 22:04:34.006387 IP 20.0.0.2.43443 > 20.0.0.1.6081: Geneve, Flags [none], vni 0xb: IP 30.0.0.2.51225 > 30.0.0.1.22: Flags [P.], seq 1:22, ack 40, win 115, options [nop,nop,TS val 2876069573 ecr 84248971], length 21
+ 6 22:04:34.006387 IP 20.0.0.2.43443 > 20.0.0.1.6081: Geneve, Flags [none], vni 0xb: IP 30.0.0.2.51225 > 30.0.0.1.22: Flags [P.], seq 1:22, ack 40, win 115, options [nop,nop,TS val 2876069573 ecr 84248971], length 21: SSH: SSH-2.0-OpenSSH_5.3
7 22:04:34.006457 IP 20.0.0.1.22540 > 20.0.0.2.6081: Geneve, Flags [C], vni 0xa, options [8 bytes]: IP 30.0.0.1.22 > 30.0.0.2.51225: Flags [.], ack 22, win 227, options [nop,nop,TS val 84248971 ecr 2876069573], length 0
8 22:04:34.006523 IP 20.0.0.2.43443 > 20.0.0.1.6081: Geneve, Flags [none], vni 0xb: IP 30.0.0.2.51225 > 30.0.0.1.22: Flags [P.], seq 22:814, ack 40, win 115, options [nop,nop,TS val 2876069573 ecr 84248971], length 792
9 22:04:34.006560 IP 20.0.0.1.22540 > 20.0.0.2.6081: Geneve, Flags [C], vni 0xa, options [8 bytes]: IP 30.0.0.1.22 > 30.0.0.2.51225: Flags [.], ack 814, win 239, options [nop,nop,TS val 84248971 ecr 2876069573], length 0
2 22:04:33.999279 IP 20.0.0.2.43443 > 20.0.0.1.6081: Geneve, Flags [none], vni 0xb: IP 30.0.0.2.51225 > 30.0.0.1.22: Flags [S], seq 397610159, win 14600, options [mss 1460,sackOK,TS val 2876069566 ecr 0,nop,wscale 7], length 0
3 22:04:33.999513 IP 20.0.0.2.43443 > 20.0.0.1.6081: Geneve, Flags [none], vni 0xb: IP 30.0.0.2.51225 > 30.0.0.1.22: Flags [.], ack 2910871523, win 115, options [nop,nop,TS val 2876069566 ecr 84248969], length 0
4 22:04:34.006357 IP 20.0.0.2.43443 > 20.0.0.1.6081: Geneve, Flags [none], vni 0xb: IP 30.0.0.2.51225 > 30.0.0.1.22: Flags [.], ack 40, win 115, options [nop,nop,TS val 2876069573 ecr 84248971], length 0
- 5 22:04:34.006387 IP 20.0.0.2.43443 > 20.0.0.1.6081: Geneve, Flags [none], vni 0xb: IP 30.0.0.2.51225 > 30.0.0.1.22: Flags [P.], seq 0:21, ack 40, win 115, options [nop,nop,TS val 2876069573 ecr 84248971], length 21
+ 5 22:04:34.006387 IP 20.0.0.2.43443 > 20.0.0.1.6081: Geneve, Flags [none], vni 0xb: IP 30.0.0.2.51225 > 30.0.0.1.22: Flags [P.], seq 0:21, ack 40, win 115, options [nop,nop,TS val 2876069573 ecr 84248971], length 21: SSH: SSH-2.0-OpenSSH_5.3
6 22:04:34.006523 IP 20.0.0.2.43443 > 20.0.0.1.6081: Geneve, Flags [none], vni 0xb: IP 30.0.0.2.51225 > 30.0.0.1.22: Flags [P.], seq 21:813, ack 40, win 115, options [nop,nop,TS val 2876069573 ecr 84248971], length 792
7 22:04:34.007397 IP 20.0.0.2.43443 > 20.0.0.1.6081: Geneve, Flags [none], vni 0xb: IP 30.0.0.2.51225 > 30.0.0.1.22: Flags [P.], seq 813:837, ack 1024, win 130, options [nop,nop,TS val 2876069574 ecr 84248971], length 24
8 22:04:34.010470 IP 20.0.0.2.43443 > 20.0.0.1.6081: Geneve, Flags [none], vni 0xb: IP 30.0.0.2.51225 > 30.0.0.1.22: Flags [P.], seq 837:981, ack 1176, win 145, options [nop,nop,TS val 2876069577 ecr 84248972], length 144
6 22:04:34.006164 IP (tos 0x0, ttl 64, id 57275, offset 0, flags [DF], proto UDP (17), length 149)
20.0.0.1.22540 > 20.0.0.2.6081: [no cksum] Geneve, Flags [C], vni 0xa, options [class Standard (0x0) type 0x80(C) len 8 data 0000000c]
IP (tos 0x0, ttl 64, id 54890, offset 0, flags [DF], proto TCP (6), length 91)
- 30.0.0.1.22 > 30.0.0.2.51225: Flags [P.], cksum 0xf103 (correct), seq 1:40, ack 1, win 227, options [nop,nop,TS val 84248971 ecr 2876069566], length 39
+ 30.0.0.1.22 > 30.0.0.2.51225: Flags [P.], cksum 0xf103 (correct), seq 1:40, ack 1, win 227, options [nop,nop,TS val 84248971 ecr 2876069566], length 39: SSH: SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1
7 22:04:34.006357 IP (tos 0x0, ttl 64, id 34824, offset 0, flags [DF], proto UDP (17), length 102)
20.0.0.2.43443 > 20.0.0.1.6081: [no cksum] Geneve, Flags [none], vni 0xb
IP (tos 0x0, ttl 64, id 23059, offset 0, flags [DF], proto TCP (6), length 52)
8 22:04:34.006387 IP (tos 0x0, ttl 64, id 34825, offset 0, flags [DF], proto UDP (17), length 123)
20.0.0.2.43443 > 20.0.0.1.6081: [no cksum] Geneve, Flags [none], vni 0xb
IP (tos 0x0, ttl 64, id 23060, offset 0, flags [DF], proto TCP (6), length 73)
- 30.0.0.2.51225 > 30.0.0.1.22: Flags [P.], cksum 0xeea0 (correct), seq 1:22, ack 40, win 115, options [nop,nop,TS val 2876069573 ecr 84248971], length 21
+ 30.0.0.2.51225 > 30.0.0.1.22: Flags [P.], cksum 0xeea0 (correct), seq 1:22, ack 40, win 115, options [nop,nop,TS val 2876069573 ecr 84248971], length 21: SSH: SSH-2.0-OpenSSH_5.3
9 22:04:34.006457 IP (tos 0x0, ttl 64, id 57276, offset 0, flags [DF], proto UDP (17), length 110)
20.0.0.1.22540 > 20.0.0.2.6081: [no cksum] Geneve, Flags [C], vni 0xa, options [class Standard (0x0) type 0x80(C) len 8 data 0000000c]
IP (tos 0x0, ttl 64, id 54891, offset 0, flags [DF], proto TCP (6), length 52)
8 16:32:37.692912 IPOIB, ethertype IPv4 (0x0800), length 128: 192.168.56.10 > 192.168.56.24: ICMP echo request, id 6495, seq 5, length 64
9 16:32:45.050083 IPOIB, ethertype IPv4 (0x0800), length 104: 192.168.56.10.34170 > 192.168.56.24.22: Flags [SEW], seq 798232822, win 32983, options [mss 65480,sackOK,TS val 62202209 ecr 0,nop,wscale 8], length 0
10 16:32:45.050250 IPOIB, ethertype IPv4 (0x0800), length 96: 192.168.56.10.34170 > 192.168.56.24.22: Flags [.], ack 3051049339, win 33232, options [nop,nop,TS val 62202209 ecr 81054], length 0
- 11 16:32:45.051868 IPOIB, ethertype IPv4 (0x0800), length 122: 192.168.56.10.34170 > 192.168.56.24.22: Flags [P.], seq 0:26, ack 1, win 33232, options [nop,nop,TS val 62202209 ecr 81054], length 26
+ 11 16:32:45.051868 IPOIB, ethertype IPv4 (0x0800), length 122: 192.168.56.10.34170 > 192.168.56.24.22: Flags [P.], seq 0:26, ack 1, win 33232, options [nop,nop,TS val 62202209 ecr 81054], length 26: SSH: SSH-2.0-OpenSSH_7.5 FIPS
12 16:32:45.062494 IPOIB, ethertype IPv4 (0x0800), length 96: 192.168.56.10.34170 > 192.168.56.24.22: Flags [.], ack 23, win 33232, options [nop,nop,TS val 62202210 ecr 81055], length 0
13 16:32:45.130591 IPOIB, ethertype IPv4 (0x0800), length 1160: 192.168.56.10.34170 > 192.168.56.24.22: Flags [P.], seq 26:1090, ack 23, win 33232, options [nop,nop,TS val 62202217 ecr 81055], length 1064
14 16:32:45.158656 IPOIB, ethertype IPv4 (0x0800), length 96: 192.168.56.10.34170 > 192.168.56.24.22: Flags [.], ack 1087, win 33232, options [nop,nop,TS val 62202220 ecr 81064], length 0
8 16:32:37.692912 IP 192.168.56.10 > 192.168.56.24: ICMP echo request, id 6495, seq 5, length 64
9 16:32:45.050083 IP 192.168.56.10.34170 > 192.168.56.24.22: Flags [SEW], seq 798232822, win 32983, options [mss 65480,sackOK,TS val 62202209 ecr 0,nop,wscale 8], length 0
10 16:32:45.050250 IP 192.168.56.10.34170 > 192.168.56.24.22: Flags [.], ack 3051049339, win 33232, options [nop,nop,TS val 62202209 ecr 81054], length 0
- 11 16:32:45.051868 IP 192.168.56.10.34170 > 192.168.56.24.22: Flags [P.], seq 0:26, ack 1, win 33232, options [nop,nop,TS val 62202209 ecr 81054], length 26
+ 11 16:32:45.051868 IP 192.168.56.10.34170 > 192.168.56.24.22: Flags [P.], seq 0:26, ack 1, win 33232, options [nop,nop,TS val 62202209 ecr 81054], length 26: SSH: SSH-2.0-OpenSSH_7.5 FIPS
12 16:32:45.062494 IP 192.168.56.10.34170 > 192.168.56.24.22: Flags [.], ack 23, win 33232, options [nop,nop,TS val 62202210 ecr 81055], length 0
13 16:32:45.130591 IP 192.168.56.10.34170 > 192.168.56.24.22: Flags [P.], seq 26:1090, ack 23, win 33232, options [nop,nop,TS val 62202217 ecr 81055], length 1064
14 16:32:45.158656 IP 192.168.56.10.34170 > 192.168.56.24.22: Flags [.], ack 1087, win 33232, options [nop,nop,TS val 62202220 ecr 81064], length 0
204.0.55.10.323 > 204.9.54.80.55936: Flags [P.], cksum 0xc9b6 (incorrect -> 0xfa70), seq 0:347, ack 4294959105, win 1040, options [nop,nop,TS val 2364757411 ecr 3084508609], length 347
RPKI-RTRv197 (unknown)
10 23:52:05.672232 IP truncated-ip - 768 bytes missing! (tos 0x10, ttl 62, id 64806, offset 0, flags [DF], proto TCP (6), length 820, bad cksum 3da6 (->3aa6)!)
- 204.9.51.132.50079 > 204.9.54.80.22: Flags [.], seq 0:768, ack 1, win 4094, options [nop,nop,TS val 941371775 ecr 4294967242], length 768
+ 204.9.51.132.50079 > 204.9.54.80.22: Flags [.], seq 0:768, ack 1, win 4094, options [nop,nop,TS val 941371775 ecr 4294967242], length 768 [|ssh]
11 17:19:33.684826 IP (tos 0x6,ECT(0), ttl 62, id 62920, offset 0, flags [DF], proto TCP (6), length 52, bad cksum 4504 (->4524)!)
204.9.51.132.50079 > 204.243.53.80.22: Flags [.], cksum 0x858b (incorrect -> 0x85a1), ack 1, win 4092, options [nop,nop,TS val 941371913 ecr 1340592084], length 0
12 17:19:33.703499 IP (tos 0x0, ttl 64, id 63178, offset 0, flags [DF], proto TCP (6), length 52, bad cksum 3e8c (->438c)!)
204.0.55.10.323 > 204.9.54.80.55936: Flags [P.], cksum 0xc9b6 (incorrect -> 0xfa86), seq 0:347, ack 4294959105, win 1040, options [nop,nop,TS val 2364757411 ecr 3084508609], length 347
RPKI-RTRv197 (unknown)
10 23:52:05.672232 IP truncated-ip - 768 bytes missing! (tos 0x10, ttl 62, id 64806, offset 0, flags [DF], proto TCP (6), length 820, bad cksum 3da6 (->3aa6)!)
- 204.9.51.132.50079 > 204.9.54.80.22: Flags [.], seq 0:768, ack 1, win 4094, options [nop,nop,TS val 941371775 ecr 4294967242], length 768
+ 204.9.51.132.50079 > 204.9.54.80.22: Flags [.], seq 0:768, ack 1, win 4094, options [nop,nop,TS val 941371775 ecr 4294967242], length 768 [|ssh]
11 17:19:33.684826 IP (tos 0x6,ECT(0), ttl 62, id 62920, offset 0, flags [DF], proto TCP (6), length 52, bad cksum 4504 (->4524)!)
204.9.51.132.50079 > 204.243.53.80.22: Flags [.], cksum 0x858b (incorrect -> 0x85a1), ack 1, win 4092, options [nop,nop,TS val 941371913 ecr 1340592084], length 0
12 17:19:33.703499 IP (tos 0x0, ttl 64, id 63178, offset 0, flags [DF], proto TCP (6), length 52, bad cksum 3e8c (->438c)!)
1 12:56:35.701161 IP 10.2.1.2.35961 > 10.1.1.2.22: Flags [S], seq 2912457561, win 14600, options [mss 1460,sackOK,TS val 4294943152 ecr 0,nop,wscale 6,mptcp capable csum {0x9c9eabd1e46a33b2}], length 0
2 12:56:35.701661 IP 10.1.1.2.22 > 10.2.1.2.35961: Flags [S.], seq 125971326, ack 2912457562, win 14280, options [mss 1460,sackOK,TS val 4294943467 ecr 4294943152,nop,wscale 5,mptcp capable csum {0x967d2770b6960552}], length 0
3 12:56:35.702022 IP 10.2.1.2.35961 > 10.1.1.2.22: Flags [.], ack 1, win 229, options [nop,nop,TS val 4294943152 ecr 4294943467,mptcp capable csum {0x9c9eabd1e46a33b2,0x967d2770b6960552}], length 0
- 4 12:56:35.786074 IP 10.1.1.2.22 > 10.2.1.2.35961: Flags [P.], seq 1:42, ack 1, win 447, options [nop,nop,TS val 4294943474 ecr 4294943152,mptcp add-addr id 1 10.1.2.2,mptcp dss ack 3576348362 seq 3518592144 subseq 1 len 41 csum 0x82f], length 41
+ 4 12:56:35.786074 IP 10.1.1.2.22 > 10.2.1.2.35961: Flags [P.], seq 1:42, ack 1, win 447, options [nop,nop,TS val 4294943474 ecr 4294943152,mptcp add-addr id 1 10.1.2.2,mptcp dss ack 3576348362 seq 3518592144 subseq 1 len 41 csum 0x82f], length 41: SSH: SSH-2.0-OpenSSH_5.5p1 Debian-6+squeeze1
5 12:56:35.786240 IP 10.2.1.2.35961 > 10.1.1.2.22: Flags [.], ack 42, win 229, options [nop,nop,TS val 4294943168 ecr 4294943474,mptcp dss ack 3518592185], length 0
- 6 12:56:35.787634 IP 10.2.1.2.35961 > 10.1.1.2.22: Flags [P.], seq 1:42, ack 42, win 229, options [nop,nop,TS val 4294943168 ecr 4294943474,mptcp dss ack 3518592185 seq 3576348362 subseq 1 len 41 csum 0x45c9], length 41
+ 6 12:56:35.787634 IP 10.2.1.2.35961 > 10.1.1.2.22: Flags [P.], seq 1:42, ack 42, win 229, options [nop,nop,TS val 4294943168 ecr 4294943474,mptcp dss ack 3518592185 seq 3576348362 subseq 1 len 41 csum 0x45c9], length 41: SSH: SSH-2.0-OpenSSH_5.5p1 Debian-6+squeeze2
7 12:56:35.787786 IP 10.1.1.2.22 > 10.2.1.2.35961: Flags [.], ack 42, win 447, options [nop,nop,TS val 4294943474 ecr 4294943168,mptcp dss ack 3576348403], length 0
8 12:56:35.788254 IP 10.2.1.2.41221 > 10.1.2.2.22: Flags [S], seq 1863826096, win 14600, options [mss 1460,sackOK,TS val 4294943168 ecr 0,nop,wscale 6,mptcp join id 0 token 0xe47f0142 nonce 0x1b665a18], length 0
9 12:56:35.788849 IP 10.1.2.2.22 > 10.2.1.2.41221: Flags [S.], seq 1704897135, ack 1863826097, win 14280, options [mss 1460,sackOK,TS val 4294943474 ecr 4294943168,nop,wscale 5,mptcp join id 1 hmac 0x5ab680c7884af03d nonce 0x33abe9d5], length 0
--- /dev/null
+ 1 10:50:09.891237 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [S], seq 4082233688, win 65535, options [mss 1460,nop,wscale 6,nop,nop,TS val 1948436430 ecr 0,sackOK,eol], length 0
+ 2 10:50:09.916918 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [S.], seq 2455219014, ack 4082233689, win 28960, options [mss 1460,sackOK,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,wscale 7], length 0
+ 3 10:50:09.916972 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [.], ack 1, win 4096, length 0
+ 4 10:50:09.917574 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [P.], seq 1:22, ack 1, win 4096, length 21: SSH: SSH-2.0-OpenSSH_7.8
+ 5 10:50:09.944464 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [.], ack 22, win 227, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop], length 0
+ 6 10:50:09.945545 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [P.], seq 1:40, ack 22, win 227, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop], length 39: SSH: SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u3
+ 7 10:50:09.945615 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [.], ack 40, win 4095, length 0
+ 8 10:50:09.946159 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [P.], seq 22:1414, ack 40, win 4096, length 1392
+ 9 10:50:09.966036 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [P.], seq 40:536, ack 22, win 227, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop], length 496
+ 10 10:50:09.966200 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [.], ack 536, win 4088, length 0
+ 11 10:50:10.004152 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [.], ack 1414, win 249, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop], length 0
+ 12 10:50:10.004222 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [P.], seq 1414:1462, ack 536, win 4096, length 48
+ 13 10:50:10.093620 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [.], ack 1462, win 249, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop], length 0
+ 14 10:50:10.119320 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [P.], seq 536:1300, ack 1462, win 249, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop], length 764
+ 15 10:50:10.119391 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [.], ack 1300, win 4084, length 0
+ 16 10:50:10.123330 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [P.], seq 1462:1478, ack 1300, win 4096, length 16
+ 17 10:50:10.191751 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [.], ack 1478, win 249, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop], length 0
+ 18 10:50:10.191831 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [P.], seq 1478:1522, ack 1300, win 4096, length 44
+ 19 10:50:10.206243 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [.], ack 1522, win 249, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop], length 0
+ 20 10:50:10.207499 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [P.], seq 1300:1344, ack 1522, win 249, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop], length 44
+ 21 10:50:10.207571 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [.], ack 1344, win 4095, length 0
+ 22 10:50:10.207658 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [P.], seq 1522:1582, ack 1344, win 4096, length 60
+ 23 10:50:10.222651 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [P.], seq 1344:1396, ack 1582, win 249, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop], length 52
+ 24 10:50:10.222724 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [.], ack 1396, win 4095, length 0
+ 25 10:50:10.222884 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [P.], seq 1582:2714, ack 1396, win 4096, length 1132
+ 26 10:50:10.240953 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [P.], seq 1396:2488, ack 2714, win 271, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop], length 1092
+ 27 10:50:10.241024 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [.], ack 2488, win 4078, length 0
+ 28 10:50:10.319360 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [.], seq 2714:4174, ack 2488, win 4096, length 1460
+ 29 10:50:10.319361 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [P.], seq 4174:4886, ack 2488, win 4096, length 712
+ 30 10:50:10.335209 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [.], ack 4886, win 317, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop], length 0
+ 31 10:50:10.348975 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [P.], seq 2488:2516, ack 4886, win 317, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop], length 28
+ 32 10:50:10.349081 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [.], ack 2516, win 4095, length 0
+ 33 10:50:10.349526 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [P.], seq 4886:4998, ack 2516, win 4096, length 112
+ 34 10:50:10.363577 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [P.], seq 2516:2912, ack 4886, win 317, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop], length 396
+ 35 10:50:10.363713 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [.], ack 2912, win 4089, length 0
+ 36 10:50:10.379854 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [P.], seq 2912:2956, ack 4998, win 317, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop], length 44
+ 37 10:50:10.379944 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [.], ack 2956, win 4095, length 0
+ 38 10:50:10.380586 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [P.], seq 4998:5186, ack 2956, win 4096, length 188
+ 39 10:50:10.397660 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [P.], seq 2956:3028, ack 5186, win 340, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop], length 72
+ 40 10:50:10.397833 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [.], ack 3028, win 4094, length 0
+ 41 10:50:10.413471 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [P.], seq 3028:3136, ack 5186, win 340, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop], length 108
+ 42 10:50:10.413539 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [.], ack 3136, win 4094, length 0
+ 43 10:50:10.416235 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [P.], seq 3136:3312, ack 5186, win 340, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop], length 176
+ 44 10:50:10.416295 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [.], ack 3312, win 4093, length 0
+ 45 10:50:10.416417 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [P.], seq 5186:5222, ack 3312, win 4096, length 36
+ 46 10:50:10.416417 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [P.], seq 5222:5282, ack 3312, win 4096, length 60
+ 47 10:50:10.417744 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [F.], seq 5282, ack 3312, win 4096, length 0
+ 48 10:50:10.446501 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [.], ack 5186, win 340, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,sack 1 {5282:5283}], length 0
+ 49 10:50:10.446622 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [FP.], seq 5186:5282, ack 3312, win 4096, length 96
+ 50 10:50:10.456121 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [.], ack 5222, win 340, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,sack 1 {5282:5283}], length 0
+ 51 10:50:10.456127 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [.], ack 5283, win 340, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop], length 0
+ 52 10:50:10.456128 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [F.], seq 3312, ack 5283, win 340, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop], length 0
+ 53 10:50:10.456384 IP 202.108.87.165.62146 > 223.132.53.222.22: Flags [.], ack 3313, win 4096, length 0
+ 54 10:50:10.466614 IP 223.132.53.222.22 > 202.108.87.165.62146: Flags [.], ack 5283, win 340, options [nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,sack 1 {5186:5283}], length 0
# End Source File
# Begin Source File
+SOURCE="..\..\print-ssh.c"
+# End Source File
+# Begin Source File
+
SOURCE="..\..\print-stp.c"
# End Source File
# Begin Source File
/>
</FileConfiguration>
</File>
+ <File
+ RelativePath="..\..\print-ssh.c"
+ >
+ <FileConfiguration
+ Name="Debug|Win32"
+ >
+ <Tool
+ Name="VCCLCompilerTool"
+ AdditionalIncludeDirectories=""
+ PreprocessorDefinitions=""
+ />
+ </FileConfiguration>
+ <FileConfiguration
+ Name="Release|Win32"
+ >
+ <Tool
+ Name="VCCLCompilerTool"
+ AdditionalIncludeDirectories=""
+ PreprocessorDefinitions=""
+ />
+ </FileConfiguration>
+ </File>
<File
RelativePath="..\..\print-stp.c"
>
projects / tcpdump / commitdiff
