]> The Tcpdump Group git mirrors - tcpdump/log
tcpdump
9 years agoDefault to first interface from pcap_findalldevs() 482/head
Simon Nicolussi [Mon, 21 Sep 2015 20:12:20 +0000 (22:12 +0200)] 
Default to first interface from pcap_findalldevs()

Only call (deprecated) pcap_lookupdev() as a last resort, as it doesn't
necessarily agree with pcap_findalldevs() on the order of interfaces and
the -D and -i options already rely upon the latter function's behaviour.

9 years agoDTP: improve packet integrity checks
Denis Ovsienko [Sat, 5 Sep 2015 20:17:30 +0000 (21:17 +0100)] 
DTP: improve packet integrity checks

Adjust the TLV infinite loop check to require the right amount of bytes
for T and L; do it after printing the TLV header so it is easier to
understand what was wrong. Check if the TLV V is within the capture. Use
the new "invalid" exit label to indicate a packet anomaly and add more
checks for the length value into the type-specific case blocks. Print
the domain string with fn_printzp().

9 years agoAdditional Windows cleanups.
Guy Harris [Sat, 19 Sep 2015 00:24:23 +0000 (17:24 -0700)] 
Additional Windows cleanups.

Don't import stuff from WinPcap that it really shouldn't be exporting.

Define HAVE_U_INT{N}_T,to suppress definition of intN_t in bittypes.h, as
included by <pcap/pcap.h> on Windows.

Define HAVE_OS_IPV6_SUPPORT if AF_INET6 is defined, so that if we're
building with a VC+SDK combination that defines it and struct in6_addr,
we don't define them ourselves.

9 years agoEliminate remaining uses of u_int8_t and u_int16_t.
Guy Harris [Fri, 18 Sep 2015 22:15:52 +0000 (15:15 -0700)] 
Eliminate remaining uses of u_int8_t and u_int16_t.

9 years agoEliminate some remaining uses of u_int32_t.
Guy Harris [Fri, 18 Sep 2015 22:11:43 +0000 (15:11 -0700)] 
Eliminate some remaining uses of u_int32_t.

9 years agoWe don't define our own inet_aton() any more, so don't declare it.
Guy Harris [Fri, 18 Sep 2015 20:19:32 +0000 (13:19 -0700)] 
We don't define our own inet_aton() any more, so don't declare it.

9 years agoUpdate Visual Studio files.
Guy Harris [Fri, 18 Sep 2015 19:39:05 +0000 (12:39 -0700)] 
Update Visual Studio files.

Update the list of source files, and the command-line flags (for
example, don't define INET6, as we no longer check it, or WIN32, as we
no longer check it - we check the standard _WIN32 instead).

9 years agoReorganize netdissect.h
Francois-Xavier Le Bail [Fri, 18 Sep 2015 13:14:31 +0000 (15:14 +0200)] 
Reorganize netdissect.h

Group together:
- DLT printers (sorted)
- other printers (sorted)
- utilities

9 years agoRename print_data() to smb_print_data()
Francois-Xavier Le Bail [Fri, 18 Sep 2015 11:04:24 +0000 (13:04 +0200)] 
Rename print_data() to smb_print_data()

9 years agoTravis: The '--disable-ipv6' configure option was eliminated
Francois-Xavier Le Bail [Fri, 18 Sep 2015 10:00:57 +0000 (12:00 +0200)] 
Travis: The '--disable-ipv6' configure option was eliminated

9 years agoDon't require IPv6 library support in order to support IPv6 addresses.
Guy Harris [Thu, 17 Sep 2015 21:56:44 +0000 (14:56 -0700)] 
Don't require IPv6 library support in order to support IPv6 addresses.

Have our own routines to convert between IPv4/IPv6 addresses and
strings; that helps if, for example, we want to build binary versions of
tcpdump for Windows that can run both on NT 5 (W2K/WXP), which doesn't
have inet_ntop() or inet_pton(), and NT 6 (Vista/7/8/10), which do.  It
also means that we don't require IPv6 library support on UN*X to print
addresses (if somebody wants to build tcpdump for older UN*Xes lacking
IPv6 support in the system library or in add-on libraries).

Get rid of files in the missing directory that we don't need, and
various no-longer-necessary autoconf tests.

9 years agoDon't fetch statistics in verbose_stats_dump().
Guy Harris [Thu, 17 Sep 2015 19:59:12 +0000 (12:59 -0700)] 
Don't fetch statistics in verbose_stats_dump().

It only prints *our* (tcpdump's) count of packets seen, so it doesn't
need to fetch statistics from libpcap/WinPcap.

9 years agoRename a variable to avoid collision with stat().
Guy Harris [Thu, 17 Sep 2015 19:23:46 +0000 (12:23 -0700)] 
Rename a variable to avoid collision with stat().

This eliminates a warning with some compilers.

9 years agoRename variable to avoid collision with poll().
Guy Harris [Thu, 17 Sep 2015 19:19:22 +0000 (12:19 -0700)] 
Rename variable to avoid collision with poll().

That eliminates some compiler warnings.

9 years agoUse hex constants so compilers don't whine about negative initializers.
Guy Harris [Thu, 17 Sep 2015 19:17:02 +0000 (12:17 -0700)] 
Use hex constants so compilers don't whine about negative initializers.

9 years agoFix the maximum snaplen value in the man page
Francois-Xavier Le Bail [Thu, 17 Sep 2015 09:13:21 +0000 (11:13 +0200)] 
Fix the maximum snaplen value in the man page

9 years agoInclude ipproto.h to make sure IPPROTO_PIM is defined.
Guy Harris [Thu, 17 Sep 2015 08:48:36 +0000 (01:48 -0700)] 
Include ipproto.h to make sure IPPROTO_PIM is defined.

We use it, but it's not necessarily defined by OS headers; make sure
it's defined, by including our header.

9 years agoThe Option -n is useless in TESTLIST
Francois-Xavier Le Bail [Wed, 16 Sep 2015 21:37:54 +0000 (23:37 +0200)] 
The Option -n is useless in TESTLIST

This option is already set in TESTonce.

9 years agoAdd CONTRIBUTING file
Francois-Xavier Le Bail [Wed, 16 Sep 2015 17:18:56 +0000 (19:18 +0200)] 
Add CONTRIBUTING file

9 years agoNobody uses off_t, either. (ftell(), and pcap_dump_ftell(), return long.)
Guy Harris [Mon, 14 Sep 2015 23:28:37 +0000 (16:28 -0700)] 
Nobody uses off_t, either.  (ftell(), and pcap_dump_ftell(), return long.)

9 years agoWe don't use uint, so no need to define it on Windows.
Guy Harris [Mon, 14 Sep 2015 22:42:18 +0000 (15:42 -0700)] 
We don't use uint, so no need to define it on Windows.

9 years agohdrlen is never > INT_MAX, and we negate it, so make it an int.
Guy Harris [Mon, 14 Sep 2015 22:38:02 +0000 (15:38 -0700)] 
hdrlen is never > INT_MAX, and we negate it, so make it an int.

This squelches some compiler warnings.

9 years agoUse double rather than float.
Guy Harris [Mon, 14 Sep 2015 22:12:28 +0000 (15:12 -0700)] 
Use double rather than float.

That means we can fit a 32-bit integer into a floating-point value
without losing precision.

Also, put in explicit casts when we convert a floating-point value to an
integral value, to suppress compiler warnings.

9 years agoConsistently use float constants.
Guy Harris [Mon, 14 Sep 2015 22:06:33 +0000 (15:06 -0700)] 
Consistently use float constants.

9 years agoMake pduid a u_short consistently.
Guy Harris [Mon, 14 Sep 2015 22:04:12 +0000 (15:04 -0700)] 
Make pduid a u_short consistently.

9 years agoInclude <ctype.h> to make sure we have all the isXXX() functions.
Guy Harris [Mon, 14 Sep 2015 21:50:39 +0000 (14:50 -0700)] 
Include <ctype.h> to make sure we have all the isXXX() functions.

9 years agoDon't rely on uint being defined.
Guy Harris [Mon, 14 Sep 2015 21:37:52 +0000 (14:37 -0700)] 
Don't rely on uint being defined.

9 years agoFix for *pcaps without pcap_create()/pcap_activate().
Guy Harris [Mon, 14 Sep 2015 21:24:38 +0000 (14:24 -0700)] 
Fix for *pcaps without pcap_create()/pcap_activate().

9 years agoGet rid of some unneeded #defines and #includes.
Gisle Vanem [Mon, 14 Sep 2015 19:07:44 +0000 (12:07 -0700)] 
Get rid of some unneeded #defines and #includes.

Those lines are not needed since "netdissect-stdinc.h" has:

#include <winsock2.h>
#include <ws2tcpip.h>

This will ensure <winsock.h> is not included in a later <windows.h>.

SIZE_BUF is not used anywhere AFAICS.

9 years agoRemove non-dissection related fields from struct netdissect_options
Francois-Xavier Le Bail [Mon, 14 Sep 2015 17:19:43 +0000 (19:19 +0200)] 
Remove non-dissection related fields from struct netdissect_options

Remove 'ndo_dlt' and 'ndo_dltname' from netdissect_options, only
used is frontend.
Use instead 'yflag_dlt' and 'yflag_dlt_name' variables in frontend.

Moreover:
Fix style

9 years agoRemove a non-dissection related field from struct netdissect_options
Francois-Xavier Le Bail [Mon, 14 Sep 2015 15:16:26 +0000 (17:16 +0200)] 
Remove a non-dissection related field from struct netdissect_options

Remove 'ndo_immediate' from netdissect_options, only used is frontend.
Use instead 'immediate_mode' variable in frontend.

9 years agoMove if_printer to structure netdissect_options
Francois-Xavier Le Bail [Mon, 14 Sep 2015 13:34:13 +0000 (15:34 +0200)] 
Move if_printer to structure netdissect_options

The structure 'netdissect_options' can hold if_printer.
Thus the structure 'print_info' is useless now.

Moreover:
Delete useless blank lines
Fix indent

9 years agoCall pcap_wsockinit(), not wsockinit(), and print a message if it fails.
Guy Harris [Fri, 11 Sep 2015 18:09:35 +0000 (11:09 -0700)] 
Call pcap_wsockinit(), not wsockinit(), and print a message if it fails.

Get rid of w32_fzs.h while we're at it.

9 years agolibnetdissect code must include 'netdissect.h', not 'interface.h'
Francois-Xavier Le Bail [Fri, 11 Sep 2015 11:22:56 +0000 (13:22 +0200)] 
libnetdissect code must include 'netdissect.h', not 'interface.h'

Moreover:
Remove netdissect.h include in interface.h
Move thiszone declaration in netdissect.h
Update a comment

9 years agoRename 'tcpdump-stdinc.h' to 'netdissect-stdinc.h'
Francois-Xavier Le Bail [Wed, 9 Sep 2015 20:42:38 +0000 (22:42 +0200)] 
Rename 'tcpdump-stdinc.h' to 'netdissect-stdinc.h'

Get the full log via: git log --follow netdissect-stdinc.h

9 years ago'-pedantic' option is supported by Travis, '-Wpedantic' is not
Francois-Xavier Le Bail [Wed, 9 Sep 2015 06:06:39 +0000 (08:06 +0200)] 
'-pedantic' option is supported by Travis, '-Wpedantic' is not

9 years agoCompile with '-Wold-style-definition' in devel mode
Francois-Xavier Le Bail [Wed, 9 Sep 2015 05:42:39 +0000 (07:42 +0200)] 
Compile with '-Wold-style-definition' in devel mode

9 years agoFix incorrect detection of '-Wstrict-prototypes' option
Francois-Xavier Le Bail [Wed, 9 Sep 2015 05:04:28 +0000 (07:04 +0200)] 
Fix incorrect detection of '-Wstrict-prototypes' option

Revert "Simplify AC_LBL_CHECK_COMPILER_OPT a bit."
(commit 43e88cd5b8e9d9d643bbad585743123492452041)

The problem shows itself because 'configure' displays
"checking whether the compiler supports the -Wstrict-prototypes option... no"
even if '-Wstrict-prototypes' option is supported.

Moreover:
Update configure accordingly.
Fix a trailing space.

9 years agoFix warnings as "old-style function definition"
Francois-Xavier Le Bail [Wed, 9 Sep 2015 16:28:02 +0000 (18:28 +0200)] 
Fix warnings as "old-style function definition"

9 years agoUpdate a ndo flag name
Francois-Xavier Le Bail [Wed, 9 Sep 2015 11:26:34 +0000 (13:26 +0200)] 
Update a ndo flag name

Even if frontend/backend separation is ongoing, keep coherence between
option name and flag name at the moment.
Option name is 'm', thus s/ndo_sflag/ndo_mflag/.

9 years agoUpdate a comment
Francois-Xavier Le Bail [Tue, 8 Sep 2015 20:37:54 +0000 (22:37 +0200)] 
Update a comment

9 years agoGet rid of "tcpdump" in some libnetdissect codes
Francois-Xavier Le Bail [Tue, 8 Sep 2015 19:05:46 +0000 (21:05 +0200)] 
Get rid of "tcpdump" in some libnetdissect codes

9 years agoFix a comment
Francois-Xavier Le Bail [Tue, 8 Sep 2015 17:51:03 +0000 (19:51 +0200)] 
Fix a comment

Moreover:
s/tcpdump/netdissect/

9 years agoFix a typo
Francois-Xavier Le Bail [Tue, 8 Sep 2015 17:36:16 +0000 (19:36 +0200)] 
Fix a typo

9 years agoUpdate tcpdump summary comment
Francois-Xavier Le Bail [Tue, 8 Sep 2015 17:24:28 +0000 (19:24 +0200)] 
Update tcpdump summary comment

9 years agoGet rid of "tcpdump" in some libnetdissect codes
Francois-Xavier Le Bail [Tue, 8 Sep 2015 16:01:26 +0000 (18:01 +0200)] 
Get rid of "tcpdump" in some libnetdissect codes

9 years agoPrint program_name instead of "tcpdump"
Francois-Xavier Le Bail [Tue, 8 Sep 2015 15:43:21 +0000 (17:43 +0200)] 
Print program_name instead of "tcpdump"

Moreover:
Fix indent

9 years agoRemove useless include
Francois-Xavier Le Bail [Tue, 8 Sep 2015 10:32:29 +0000 (12:32 +0200)] 
Remove useless include

9 years agoRemove obsolete comment
Francois-Xavier Le Bail [Tue, 8 Sep 2015 10:26:38 +0000 (12:26 +0200)] 
Remove obsolete comment

9 years ago"tcpdump" should not be used in any libnetdissect code.
Guy Harris [Tue, 8 Sep 2015 07:53:38 +0000 (00:53 -0700)] 
"tcpdump" should not be used in any libnetdissect code.

Libnetdissect could be used by programs not named "tcpdump".  Rename
"tcpdump_printf()" to "ndo_printf()".

9 years agoRemove no longer used option 'R'
Francois-Xavier Le Bail [Tue, 8 Sep 2015 07:14:13 +0000 (09:14 +0200)] 
Remove no longer used option 'R'

9 years agoAdd program_name field in the netdissect_options structure
Francois-Xavier Le Bail [Mon, 7 Sep 2015 17:04:50 +0000 (19:04 +0200)] 
Add program_name field in the netdissect_options structure

A program that use the library should set it. Done for tcpdump.
ndo_error() and ndo_warning() print now 'ndo->program_name'.

Moreover:
Fix indent

9 years agoRemove obsolete comments
Francois-Xavier Le Bail [Mon, 7 Sep 2015 13:01:46 +0000 (15:01 +0200)] 
Remove obsolete comments

9 years agoFix a comment
Francois-Xavier Le Bail [Sun, 6 Sep 2015 20:03:23 +0000 (22:03 +0200)] 
Fix a comment

9 years agoRename cstr[] to istr[] like invalid string
Francois-Xavier Le Bail [Sun, 6 Sep 2015 18:05:50 +0000 (20:05 +0200)] 
Rename cstr[] to istr[] like invalid string

Moreover:
Hamonise the output for error messages
Add istr[] in print-babel.c

9 years agoDHCPv6: Update Status Codes with RFCs/IANA names
Francois-Xavier Le Bail [Sun, 6 Sep 2015 12:20:37 +0000 (14:20 +0200)] 
DHCPv6: Update Status Codes with RFCs/IANA names

9 years agoUse the word 'invalid' for 'malformed' or 'corrupted' packets
Francois-Xavier Le Bail [Sun, 6 Sep 2015 11:34:05 +0000 (13:34 +0200)] 
Use the word 'invalid' for 'malformed' or 'corrupted' packets

An invalid packet could be:
1) built malformed originally by the sender or a fuzz tester,
2) became corrupted in transit.

9 years agoPrinters must include 'netdissect.h', not 'interface.h'
Francois-Xavier Le Bail [Sat, 5 Sep 2015 21:35:58 +0000 (23:35 +0200)] 
Printers must include 'netdissect.h', not 'interface.h'

9 years agoFunctions in libnetdissect must use ndo_error() function
Francois-Xavier Le Bail [Sat, 5 Sep 2015 20:28:04 +0000 (22:28 +0200)] 
Functions in libnetdissect must use ndo_error() function

9 years agoamend some comments in util-print.c
Denis Ovsienko [Sat, 5 Sep 2015 18:39:20 +0000 (19:39 +0100)] 
amend some comments in util-print.c

When I needed to print a string and didn't remember which of the three
functions fn_print(), fn_printn() and fn_printzp() was the right one
for the data, every time it would end up in reading through all of them
and forgetting the difference shortly after the commit.

Just having it explained in the comments should work better.

9 years agoPrinters must use ndo_error() function (via ndo->ndo_error)
Francois-Xavier Le Bail [Sat, 5 Sep 2015 18:11:12 +0000 (20:11 +0200)] 
Printers must use ndo_error() function (via ndo->ndo_error)

9 years agoKeep the two line numbers in esp_print_decode_onesecret() separate.
Guy Harris [Tue, 1 Sep 2015 00:16:07 +0000 (17:16 -0700)] 
Keep the two line numbers in esp_print_decode_onesecret() separate.

Have the line number for the file we're opening for "file" be separate
from the line number we're passed.  That avoids warnings, and makes it
clearer *which* line number we're using.

9 years agoAvoid collison with error(), clean up code a bit.
Guy Harris [Mon, 31 Aug 2015 23:57:07 +0000 (16:57 -0700)] 
Avoid collison with error(), clean up code a bit.

Rename the variable to "error_status", as that's what it represents, and
as that doesn't collide with the error() function.  Don't set it and
then not use the resulting value.

9 years agoAvoid collisions with isascii().
Guy Harris [Mon, 31 Aug 2015 23:19:09 +0000 (16:19 -0700)] 
Avoid collisions with isascii().

Those variables are counts, so just give them names that reflects that.

9 years agoAvoid colliding with a tcpdump routine's name.
Guy Harris [Mon, 31 Aug 2015 23:17:03 +0000 (16:17 -0700)] 
Avoid colliding with a tcpdump routine's name.

Just call the variable "data", not "print_data"; we're obviously
printing it.

9 years agoDon't collide with strlen().
Guy Harris [Mon, 31 Aug 2015 23:15:32 +0000 (16:15 -0700)] 
Don't collide with strlen().

strlen() is a standard C function, so don't use its name for a variable.

9 years agoGet rid of warnings on systems that provide index().
Guy Harris [Mon, 31 Aug 2015 23:12:43 +0000 (16:12 -0700)] 
Get rid of warnings on systems that provide index().

Rename the variable "index" to "idx", so that if the environment in
which we're compiling tcpdump happens to declare the index() function
(the old V7 name for the function called strchr() in S3/S5 and ANSI C),
we don't get compiler warnings.

9 years agoThe official #define for 32-bit and 64-bit Windows is _WIN32.
Guy Harris [Mon, 31 Aug 2015 21:43:15 +0000 (14:43 -0700)] 
The official #define for 32-bit and 64-bit Windows is _WIN32.

It's _WIN32, with a leading underscore, not WIN32.  See, for example:

https://sourceforge.net/p/predef/wiki/OperatingSystems/

and

https://msdn.microsoft.com/en-us/library/b0084kay.aspx

*Some* environments may also define WIN32, but we shouldn't depend on
that.

9 years agoFix to reflect dBm radiotap values now being displayed as "dBm" rather than "dB".
Guy Harris [Wed, 26 Aug 2015 19:01:28 +0000 (12:01 -0700)] 
Fix to reflect dBm radiotap values now being displayed as "dBm" rather than "dB".

9 years agoMerge pull request #479 from rlucia/patch-1
Guy Harris [Wed, 26 Aug 2015 18:41:01 +0000 (11:41 -0700)] 
Merge pull request #479 from rlucia/patch-1

dBm values get printed as dB

9 years agodBm values get printed as dB 479/head
Rocco Lucia [Wed, 26 Aug 2015 16:10:13 +0000 (18:10 +0200)] 
dBm values get printed as dB

This is a very old bug, and I think it's time to get fixed :-)

9 years agoAdd a test that makes unaligned accesses.
Guy Harris [Tue, 25 Aug 2015 18:18:38 +0000 (11:18 -0700)] 
Add a test that makes unaligned accesses.

From GitHub issue #478, in which tcpdump crashed on SPARC due to making
an unaligned access.

9 years agoDon't assume the ONC RPC header is nicely aligned.
Guy Harris [Tue, 25 Aug 2015 01:14:55 +0000 (18:14 -0700)] 
Don't assume the ONC RPC header is nicely aligned.

Use UNALIGNED_MEMCPY() to extract the XID from it; otherwise, this might
crash on machines that require strict alignment (e.g., SPARC machines).

Fixes GitHub issue #478.

9 years agoCompile with '-Wpedantic' in devel mode as an attempt to get gcc-ism
Francois-Xavier Le Bail [Wed, 19 Aug 2015 14:50:22 +0000 (16:50 +0200)] 
Compile with '-Wpedantic' in devel mode as an attempt to get gcc-ism

9 years agoFix warnings as "comma at end of enumerator list"
Francois-Xavier Le Bail [Wed, 19 Aug 2015 14:44:52 +0000 (16:44 +0200)] 
Fix warnings as "comma at end of enumerator list"

The warnings were:
comma at end of enumerator list [-Wpedantic]

9 years agoFix a warning as "ISO C90 forbids mixed declarations and code"
Francois-Xavier Le Bail [Tue, 18 Aug 2015 18:59:31 +0000 (20:59 +0200)] 
Fix a warning as "ISO C90 forbids mixed declarations and code"

The warning was:
./tcpdump.c: In function 'droproot':
./tcpdump.c:496:3: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement]
   int ret = capng_change_id(pw->pw_uid, pw->pw_gid, CAPNG_NO_FLAG);
   ^

9 years agoCompile with '-Wdeclaration-after-statement' in devel mode
Francois-Xavier Le Bail [Tue, 18 Aug 2015 18:49:32 +0000 (20:49 +0200)] 
Compile with '-Wdeclaration-after-statement' in devel mode

9 years agoFix warnings as "ISO C90 does not support the '%T' gnu_strftime format"
Francois-Xavier Le Bail [Tue, 18 Aug 2015 18:29:42 +0000 (20:29 +0200)] 
Fix warnings as "ISO C90 does not support the '%T' gnu_strftime format"

The complete warnings were:
ISO C90 does not support the '%T' gnu_strftime format [-Wformat=]

9 years agoFix warnings as "ISO C90 does not support the '%lf' gnu_printf format"
Francois-Xavier Le Bail [Tue, 18 Aug 2015 16:15:45 +0000 (18:15 +0200)] 
Fix warnings as "ISO C90 does not support the '%lf' gnu_printf format"

The complete warnings were:
ISO C90 does not support the '%lf' gnu_printf format [-Wformat=]

9 years agoBabel: address a couple compiler warnings
Denis Ovsienko [Thu, 13 Aug 2015 20:40:49 +0000 (21:40 +0100)] 
Babel: address a couple compiler warnings

677:31: warning: variable ‘router_id’ set but not used
676:72: warning: variable ‘hopc’ set but not used

9 years agoupdate CREDITS
Denis Ovsienko [Thu, 13 Aug 2015 20:36:33 +0000 (21:36 +0100)] 
update CREDITS

9 years agoBabel: add decoder for source-specific extension.
Matthieu Boutier [Thu, 6 Feb 2014 23:38:31 +0000 (23:38 +0000)] 
Babel: add decoder for source-specific extension.

9 years agoFix typo in comment.
Guy Harris [Tue, 11 Aug 2015 18:50:43 +0000 (11:50 -0700)] 
Fix typo in comment.

9 years agoGive more details about packet time stamps.
Guy Harris [Wed, 29 Jul 2015 16:17:30 +0000 (09:17 -0700)] 
Give more details about packet time stamps.

Don't speak of "Ethernet" and "wire", as you might not be sniffing an
Ethernet or, indeed, any form of wired network.

Note that not only could there be a delay between the point at which the
interface is finished receiving the packet and when an interrupt is
delivered (whether due to bus delays, polling rather than immediate
interrupts being used, or delays in the CPU responding to the interrupt,
or more than one of those) but also a delay between the point at which
the kernel responds to the interrupt and the point at which it actually
applies a time stamp to the packet.

9 years agoGive a URL for a paper about that protocol.
Guy Harris [Wed, 29 Jul 2015 16:13:38 +0000 (09:13 -0700)] 
Give a URL for a paper about that protocol.

9 years agoCompile with -Wshadow
Francois-Xavier Le Bail [Wed, 29 Jul 2015 11:50:38 +0000 (13:50 +0200)] 
Compile with -Wshadow

9 years agoupdate reference for UDP port 3799
Denis Ovsienko [Fri, 24 Jul 2015 14:01:02 +0000 (15:01 +0100)] 
update reference for UDP port 3799

9 years agoMerge pull request #470 from qnet-herwin/radius_rfc3580
Denis Ovsienko [Wed, 22 Jul 2015 10:21:17 +0000 (11:21 +0100)] 
Merge pull request #470 from qnet-herwin/radius_rfc3580

I haven't included any unit tests, because the trivial change this is. It has been tested locally and it has been seen working there. It doesn't break any existing unit tests either.

Fun fact: this value is used to assign a VLAN to a port or WLAN user, I wouldn't be surprised if it's the most common used value for Tunnel-Type.

9 years agoAdd Value 13 "VLAN" to Tunnel-Type RADIUS attribute 470/head
Herwin Weststrate [Wed, 22 Jul 2015 08:47:57 +0000 (10:47 +0200)] 
Add Value 13 "VLAN" to Tunnel-Type RADIUS attribute

9 years agoExpand a comment to indicate what the "16 bits" are.
Guy Harris [Thu, 16 Jul 2015 20:49:57 +0000 (13:49 -0700)] 
Expand a comment to indicate what the "16 bits" are.

9 years agoNetBIOS Name Service can run over TCP.
Guy Harris [Tue, 14 Jul 2015 20:47:32 +0000 (13:47 -0700)] 
NetBIOS Name Service can run over TCP.

9 years agoClean up the port definitions.
Guy Harris [Tue, 14 Jul 2015 20:39:07 +0000 (13:39 -0700)] 
Clean up the port definitions.

From Bill Parker: sort the port definitions, add some additional
ports, and use #ifndef/#endif around all definitions.

From me: use consistent indentation, add the RFCs for NetBIOS-over-TCP
to the #defines for the NBT ports, and don't keep the IPv6 ports
separate.

9 years agoISOCLNS: Fix some warnings
Francois-Xavier Le Bail [Mon, 13 Jul 2015 09:46:27 +0000 (11:46 +0200)] 
ISOCLNS: Fix some warnings

The warnings were:
./print-isoclns.c: In function 'osi_print_cksum':
./print-isoclns.c:3107:23: warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
             || length > ndo->ndo_snaplen
                       ^
./print-isoclns.c:3108:32: warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
             || checksum_offset > ndo->ndo_snaplen
                                ^

9 years agoAdd Bill Parker to the credits.
Guy Harris [Mon, 13 Jul 2015 20:55:41 +0000 (13:55 -0700)] 
Add Bill Parker to the credits.

9 years agoAdd checks for strdup() failure.
Bill Parker [Mon, 13 Jul 2015 20:04:08 +0000 (13:04 -0700)] 
Add checks for strdup() failure.

9 years agoAdd checks for strdup() failure.
Bill Parker [Mon, 13 Jul 2015 19:59:46 +0000 (12:59 -0700)] 
Add checks for strdup() failure.

9 years agoAdd checks for strdup() failure.
Bill Parker [Mon, 13 Jul 2015 19:55:29 +0000 (12:55 -0700)] 
Add checks for strdup() failure.

9 years agoWe're not doing setjmp/longjmp, so no need for static variables.
Guy Harris [Mon, 13 Jul 2015 19:50:01 +0000 (12:50 -0700)] 
We're not doing setjmp/longjmp, so no need for static variables.

We stopped doing setjmp/longjmp a while ago (it could cause issues on
multiple platforms), so we don't need to make pointer variables static
in the lookup routines.

9 years agorefine use of nameser.h
Denis Ovsienko [Mon, 13 Jul 2015 09:12:03 +0000 (10:12 +0100)] 
refine use of nameser.h

Move the port number #define's to the TCP and UDP files such that they
don't require nameser.h anymore. Update the TCP printer to disregard the
multicast DNS port as it is UDP-only.

9 years agoFix warnings as "declaration of 'x' shadows a global declaration"
Francois-Xavier Le Bail [Sun, 12 Jul 2015 19:37:02 +0000 (21:37 +0200)] 
Fix warnings as "declaration of 'x' shadows a global declaration"

The warnings were:
./tcpdump.c: In function 'show_tstamp_types_and_exit':
./tcpdump.c:220:56: warning: declaration of 'pd' shadows a global declaration [-Wshadow]
 show_tstamp_types_and_exit(const char *device, pcap_t *pd)
                                                        ^
./tcpdump.c:200:16: warning: shadowed declaration is here [-Wshadow]
 static pcap_t *pd;
                ^
./tcpdump.c: In function 'show_dlts_and_exit':
./tcpdump.c:253:48: warning: declaration of 'pd' shadows a global declaration [-Wshadow]
 show_dlts_and_exit(const char *device, pcap_t *pd)
                                                ^
./tcpdump.c:200:16: warning: shadowed declaration is here [-Wshadow]
 static pcap_t *pd;
                ^