Commit Graph

43 Commits

Author SHA1 Message Date
Denis Ovsienko
2210a967cb NDOize ISO CLNS decoder 2014-03-28 14:08:48 +04:00
Denis Ovsienko
979fc38d03 make use of ND_DEFAULTPRINT() 2014-03-26 18:52:40 +04:00
Denis Ovsienko
1fe6e66ece make use of NETDISSECT_REWORKED
Update the already converted decoders to define the macro and to include
interface.h instead of netdissect.h. Fix incurred compile errors.
2014-03-15 14:19:49 +04:00
Denis Ovsienko
d29f3dab95 NDOize 8 more small decoders
This change converts ZeroMQ, IPX, MPLS, IPv6 options, PPPoE, RIPng,
PFLOG and Sun RPC decoders.
2014-03-13 17:21:55 +04:00
Denis Ovsienko
08520c3bde NDOize IP mobile, MSDP and NULL decoders 2014-03-06 21:08:17 +04:00
Denis Ovsienko
88e479b75e don't include pcap.h needlessly
Both interface.h and netdissect.h include <pcap.h>, thus most files
should not include it regardless if these need it or not. The only
exceptions so far remain:
* addrtoname.c
* missing/datalinks.c
* missing/dlnames.c
* tcpdump.c
2014-02-28 18:11:09 +04:00
Denis Ovsienko
69f6f4392a don't include addrtoname.h needlessly 2014-02-25 17:53:08 +04:00
Denis Ovsienko
fe3253b9b8 remove tcpdump's own CVS keywords
Remove lots of $Header's and a few $Id's that all belong to the former
CVS repository of tcpdump itself. These keywords have been frozen since
the migration to git in late 2008.
2014-01-03 00:59:08 +04:00
Guy Harris
a91d20cc84 Convert the IPv6 printer to use netdissect. 2010-11-07 12:50:16 -08:00
hannes
5636348412 move the BSD AF defs into af.h and make the null and rip printer make use of it 2006-03-23 14:58:44 +00:00
guy
d953299b94 Add a flag to suppress the "default_print()" call made in various
link-layer print routines if no other print routine claimed the packet.
Test whether that flag is set rather than testing whether neither of -x
or -q were specified, and have -x, -q, *and* -X set that flag, so that
-X suppresses it just as -x does.  That way you don't get those pckets
dumped twice if -X was specified.
2005-07-07 01:22:15 +00:00
guy
d265160abd Print the link-layer header for packets with an unknown AF value, as it
used to do.

When printing the link-layer header, interpret the "-q" flag, and print
the packet length, similarly to the way the Ethernet print routine does.
2005-05-19 07:25:49 +00:00
hannes
05a730b5ec remove null_print() and make use of tok2str() instead; proto names taken from ethertype_values 2005-05-18 13:50:52 +00:00
mcr
4189fb7df6 refactored ip_print() so that chained header parser (ESP/AH) can
more easily call the inner parts.
2005-04-06 21:32:38 +00:00
guy
fb1b6d808f Fix up a bunch of comments - the on-the-wire length field in a
pcap_pkthdr is "len", not "length".
2004-03-17 23:24:35 +00:00
guy
bbc1cfa669 Have the configure script arrange that the Makefile define _U_
appropriately, and that GNUmakefile and the MSVC++ project file define
it apppriately, as we do with libpcap, rather than defining it in
"interface.h".

Undo the rcsid-shuffling and addition of extra #includes, as we no
longer need to arrange that "interface.h" be included before using _U_
in an RCS ID or copyright.
2003-11-16 09:36:07 +00:00
guy
3824a6c041 From Neil Spring:
use "_U_" in the definitions of "rcsid[]", to eliminate
	complaints about those variables being unused;

	move the definitions after the include of "interface.h", or add
	an include of "interface.h", so that "_U_" is defined.

Include "config.h" before including "tcpdump-stdinc.h" in
"missing/datalinks.c".
2003-11-15 00:39:12 +00:00
hannes
8f94d68a09 don't pass on src & dst MAC adresses to the isoclns decoder as MAC adresses
should be really printed in ether_print() using the eflag
2003-05-22 16:52:36 +00:00
guy
8cb3096bf9 Check the AF_ value rather than the IP header on packets; the packets
aren't necessarily IP packets.  Support several different versions of
AF_INET6 from various BSDs.

Handle OSI, AppleTalk, and IPX.

Handle unknown AF_ values the way unknown protocol types are handled in
other print routines - print the raw packet payload.
2003-02-05 02:28:45 +00:00
guy
4bec97f457 Hoist a bunch of stuff that should be done by all if_print routines into
tcpdump.c.  Have if_print routines return the length of the link-layer
header, so that the common code knows how to skip the link-layer header
when printing the packet in hex/ASCII.
2002-12-19 09:39:10 +00:00
guy
cfabfb053b Add a new routine "default_print_packet()", which takes a pointer to the
beginning of the raw packet data, the captured length of the raw packet
data, and the length of the link-layer header, and:

	if "-e" was specified, prints all the raw packet data;

	if "-e" was not specified, prints all the raw packet data past
	the link-layer header, if there is any.

Use that routine in all the "xxx_if_print()" routines if "-x" was
specified.

Make "arcnet_encap_print()" static - it's not used outside
"print-arcnet.c".

Add missing info printing code to "atm_if_print()".

Print the packet data in "lane_if_print()", not in "lane_print()", as
"lane_print()" can be called from other "xxx_if_print()" routines, and
those routines will also print the packet data if "-x" was specified -
no need to print it twice.
2002-12-18 09:41:13 +00:00
guy
e070cf232f We no longer use "packetp" for anything, so eliminate it. (If any
dissector really needs source and destination MAC addresses, we should
make global pointers to them - which would be null for packets lacking
MAC addresses, so dissectors that need them will need to do something
sensible if those pointers are null.)

Don't fake up an Ethernet header if there aren't any MAC addresses to
use when faking it up.

"bp_chaddr" in "print-bootp.c" is an array, so "bp->bp_chaddr" cannot be
null, and there's no need to test for it not being null.
2002-12-18 08:53:18 +00:00
guy
c422d3ab0f Get rid of the "-Wno-unused" flag, and fix up most of the
unused-parameter problems reported by GCC.  Add an _U_ tag to label
parameters as unused if the function is called through a pointer (so
that you can't change its signature by removing parameters) or if there
are unused parameters only because the function isn't complete.

Add some additional bounds checks the necessity for which was revealed
while cleaning up unused-parameter problems.

Make some routines static.

"lcp_print()", defined in "print-lcp.c", isn't called anywhere -
"print-ppp.c" has the code to dissect LCP.  Get rid of "print-lcp.c".
2002-09-05 21:25:34 +00:00
risso
3d932490b8 Added support for Win32, based on WinPcap. 2002-08-01 08:52:55 +00:00
guy
4c6bada758 Get rid of unneeded incomplete definitions of "struct mbuf" and "struct
rtentry", and unneded includes of <sys/uio.h>, <sys/file.h>, and
<sys/ioctl.h>.
2002-06-01 23:50:30 +00:00
guy
176a3e4986 Put the infodelay wrapping into the remaining "XXX_if_print()" routines.
Split the Cisco HDLC printer into "chdlc_if_print()", which does the
stuff expected of a low-level print routine (printing the time stamp,
printing the final newline, doing the infodelay stuff) and
"chdlc_print()", which doesn't do that stuff.  This lets us clean up
"ppp_hdlc_if_print()" a bit - it can just print the time stamp at the
beginning, and do the infodelay stuff at the end, without having to
treat Cisco HDLC specially by skipping the time stamp printing.  (This
also ensures that the time stamp is always printed, which wasn't the
case before.)

Print the missing final newline in "pppoe_if_print()".
2001-07-05 18:54:13 +00:00
guy
aa22569a90 Handle DLT_NULL correctly - the AF_ value is in host byte order, which
may not be *our* byte order if we're reading a capture file from another
machine; we currently handle that by checking whether it looks like an
integer < 65536 or not and, if it's not, byte-swap it.

This also lets us handle OpenBSD DLT_LOOP as well - it's like DLT_NULL
except that the AF_ value is in *network* byte order.

(Old-style Linux loopback captures were also DLT_NULL, but the header
had an Ethernet type in it; there have also been captures where the
header was a PPP header.  For now, we just continue to assume that all
DLT_NULL packets are IP, and check the IP version field to decide
whether it's IPv4, IPv6, or something else.

We may want to consider adopting Ethereal's heuristics, which would at
least mean we wouldn't be reporting bogus packet types for old-style
Linux loopback captures and those weird PPP - ISDN4BSD? - captures,
although the version of libpcap that goes with this version of tcpdump
doesn't produce bogus DLT_NULL captures for Linux loopback devices.)
2000-12-16 22:00:50 +00:00
guy
4c76b82852 If "-n" is specified along with "-e", print the address family value as
"AF <n>" for DLT_NULL captures.

Print the packet length for DLT_NULL captures when "-e" is specified
(somebody complained on "freebsd-isp" about the lack of any packet
length from tcpdump when capturing traffic on a "tunX" device).

Make sure we always print the packet length on PPP when "-e" is
specified (the person in question also complained that the packet length
disappeared between FreeBSD 2.2.8 and FreeBSD 3.4, which was the result
of a new "print-ppp.c" that didn't print the length).
2000-12-04 06:47:17 +00:00
itojun
ce132b307b put stripped-down version of ip6.h and icmp6.h into tcpdump tree.
ip6.h is almost normal RFC2292 header.
icmp6.h has couple of extensions (not covered by RFC2292),
like MLD, ICMPv6 nodeinfo, and router renumber.

XXX how to synchronize with future kame changes?
2000-10-07 05:53:09 +00:00
itojun
fb75d3cd5a always use u_intXX_t for protocol format declaration. char/short/int may not
come with exact size.  while at it, correct signedness of ip/udp header field.
nuke most of the use of bitfield.
TODO: bitfield in namser.h
2000-10-03 02:54:54 +00:00
guy
cf53dc05f1 Get rid of includes of <netinet/in_systm.h>, and replace "n_short",
"n_long", and "n_time", defined in that file, with other types.
2000-09-29 04:58:33 +00:00
guy
8b67f77134 Get rid of unneeded includes of <net/if.h>. 2000-09-28 06:42:55 +00:00
guy
536f512583 Add an "ip.h" header, to declare the IP stuff needed by dissectors, and
have dissectors include them rather than <netinet/ip.h> or
<netinet/ip_var.h>, if they actually need that stuff.

Put the declarations of the ICMP stuff directly into "print-icmp.c".

Remove all unnecessary includes of <netinet/ip*.h> files.

Copy the byte-order stuff from "nameser.h" into "tcp.h".
2000-09-23 08:54:24 +00:00
guy
7b50febe28 Add "tcp.h" and "udp.h" headers, to declare the TCP and UDP stuff needed
by dissectors, and have dissectors include them rather than
<netinet/udp.h>, <netinet/udp_var.h>, or <netinet/tcp.h>, if they
actually need that stuff.

Remove all unnecessary includes of <netinet/udp*.h> or <netinet/tcp*.h>
files.
2000-09-23 08:26:30 +00:00
guy
e894092542 Add definitions of Ethernet types from
"linux-includes/netinet/if_ether.h" to "ethertype.h".

Move other stuff used by dissectors from <netinet/if_ether.h> to
"ether.h", along the lines of "fddi.h" and "token.h".

Move ARP declarations from BSD include files to "print-arp.c".

Remove from dissectors includes of <netinet/if_ether.h>, and add
includes of "ethertype.h" and/or "ether.h" as necessary.

Get rid of configuration options that test declarations now made in
"ether.h" or "print-arp.c", as those declarations are now under our
control, not the OS's control.
2000-09-23 08:03:27 +00:00
assar
3cd171317f remove non-STDC code 2000-07-01 03:38:59 +00:00
itojun
c4521bbf47 * print-rt6.c: make IPv6 routing header printing work with new 2292bis
API.
* print-bgp.c: improve options printing.  ugly code exists for
  unaligned option parsing (need some fix).
* const poisoning in SMB decoder.
* make dump format back to original.  someone may want to add an
  option to do ascii printing, but keep the default behavior as is
  for scripts used in many places.
* -Wall -Werror clean checks.
1999-12-22 06:27:19 +00:00
itojun
7b1275bce7 fix compilation.
- print-udp.c: rename of nfsv2.h -> nfs.h
- print-{null,sl}.c: ipv6_print -> ip6_print
1999-11-21 12:38:24 +00:00
fenner
b9ac23ce92 Switch to config.h instead of passing defines in DEFS. 1999-11-21 09:36:43 +00:00
assar
4460e45d9e (null_if_print): actually examine the IP version. From
kuznet@ms2.inr.ac.ru
1999-11-21 03:48:05 +00:00
itojun
c9d84d15c5 Bring in KAME IPv6 tcpdump. replaces esp/ah/isakmp decoder.
Hope I did not break anything.  Portability on IPv4-only node needs checking,
I'll do this very soon.  (sorry for rather jumbo commit)

XXx what is _FAVOR_BSD?
1999-10-30 05:11:06 +00:00
mcr
f6fa6a40d4 patches to help build on Linux 2.2 1999-10-17 21:37:10 +00:00
mcr
f555c163f9 Initial revision 1999-10-07 23:47:09 +00:00