Commit Graph

7689 Commits

Author SHA1 Message Date
Francois-Xavier Le Bail
88c70f8998 Add the --skip option in print_usage()
This is a follow-up to d0c66a2c2a.

[skip ci]
2024-11-26 12:08:50 +01:00
Francois-Xavier Le Bail
c2f02ad228 BGP: Remove the UPDATE_BUF_BUFLEN() macro
This macro has been unused since commit 71045f95c.
2024-11-25 08:03:03 +00:00
Denis Ovsienko
71393b1bcb Add comments to several #endif directives. [skip ci] 2024-11-24 12:16:12 +00:00
Francois-Xavier Le Bail
f1409314fe CHANGES: Add a change in the main section
[skip ci]
2024-11-23 18:27:41 +01:00
Francois-Xavier Le Bail
85f1d1ea3b LISP: Modernize packet parsing
Define ND_LONGJMP_FROM_TCHECK and remove a 'trunc' label.
Make a bounds check conditional.
Use ND_ICHECK_U() for a length test.
Fix a bounds check, not invalid, but truncated.
(The bounds check is done by hex_print_with_offset() via hex_print().)
Use ND_TTEST_LEN() instead of testing ndo->ndo_snapend.
Remove an useless variable ('packet_iterator' same as 'bp').

Remove/update some comments.
Fix some indentations.
Remove some extra blank lines.

Update the outputs of two tests accordingly.
2024-11-22 10:43:01 +00:00
Francois-Xavier Le Bail
ec5170b265 LISP: Add three test cases (existing pcap printed without "-v")
Rename three test and three test outputs, with "-v" in the names.
2024-11-21 07:07:49 +00:00
Denis Ovsienko
a0d0960c10 doc: Update OmniOS particulars. [skip ci]
r151052 has been released, r151048 is now end-of-life.
2024-11-19 12:22:35 +00:00
Denis Ovsienko
40b8db437e CMake: Fix the comment about versions. [skip ci] 2024-11-17 10:58:13 +00:00
Francois-Xavier Le Bail
ea5373f27b CHANGES: Add a change in the main section
[skip ci]
2024-11-15 21:26:40 +01:00
Francois-Xavier Le Bail
3b2df87bc6 RT6: Add a bounds check for the PadN TLV in Segment Routing Header
Define ND_LONGJMP_FROM_TCHECK.

Add a test file.
2024-11-15 19:28:46 +00:00
Guy Harris
f60ddc5b3e CHANGES: add changes backported to 4.99. [skip ci] 2024-11-13 14:16:16 -08:00
Guy Harris
199bb821ba CMake: fix to support CMake 3.31.
Expand the "still support old versions of CMake, for the benefit of
people with older versions, but avoid deprecation warnings/errors"
section to handle the deprecation of pre-3.10 versions by 3.31.
2024-11-12 23:30:01 -08:00
Guy Harris
6bc9e72adc ipv6: set the snapshot length for the payload correctly.
Cut off the snapshot length to the end of the IP payload or the end of
the data in which it's contained, whichever comes first.
2024-11-12 23:16:54 -08:00
Francois-Xavier Le Bail
3b11c29db4 Cirrus CI: Update the macOS task image
Based on https://cirrus-ci.org/guide/macOS/.

This will avoid the warning:
Only ghcr.io/cirruslabs/macos-runner:sonoma is allowed. Automatically
upgraded.
2024-11-08 18:21:16 +00:00
Francois-Xavier Le Bail
c0677574af CHANGES: Add two changes backported to 4.99
[skip ci]
2024-11-04 15:11:55 +01:00
Casper Andersson
c98b4d0b3a ptp: Add test for management packets
Test setup:
ip link add link vethA type veth peer name vethB
ip link set dev vethA up
ip link set dev vethB up
ptp4l -2 -P -S -i vethA &
tcpdump -i vethA 'ether[14] = 0xD' -w ptp_management.pcap &

Tcpdump filtering on only management packets (0xD) to skip capturing
other traffic that is already covered by other tests.

Sending management requests (which ptp4l responds to):
pmc -b 3 -2 -i vethB 'get current_data_set'
pmc -b 3 -2 -i vethB 'get port_data_set'
pmc -b 3 -2 -i vethB 'get default_data_set'
pmc -b 3 -2 -i vethB 'get parent_data_set'
pmc -b 3 -2 -i vethB 'get clock_description'

Sidenote: the management packets contains a TLV at the end and I
included 5 of them (out of the total ~50 listed in the
standard). Tcpdump currently does not print the TLV.

Signed-off-by: Casper Andersson <casper.casan@gmail.com>
2024-11-04 13:56:55 +00:00
Casper Andersson
487405e871 ptp: Fix management packet fields
`bp` was modified inside the function but the change was not
reflected back outside, resulting in the fields afterwards accessing
the wrong part of the packet.

Signed-off-by: Casper Andersson <casper.casan@gmail.com>
2024-11-04 13:56:55 +00:00
Francois-Xavier Le Bail
40c29b66d7 CHANGES: Add a change backported to 4.99
[skip ci]
2024-11-02 16:21:57 +01:00
Francois-Xavier Le Bail
7eb03bc0da TCP: Fix Reset segment processing
When a received RST segment contains data, this is diagnostic data that
explains the cause of the RST.

So we have to stop processing, even if we don't print the data (no "-v").

Rename two test outputs, with "-v" in the names.
Add two test cases (existing pcap printed without "-v").
2024-11-02 14:53:24 +00:00
Francois-Xavier Le Bail
803b7028e0 IPv6: Fix inconsistencies in the printing of some option names
1) Hop-by-Hop Options Header

$ ./tcpdump --skip 1 -c1 -tnv -r tests/icmpv6.pcap
Before:
IP6 (hlim 1, next-header Options (0), payload length 36)
  fe80::215:17ff:fecc:e546 > ff02::16: HBH (rtalert: 0x0000) (padn)
  [icmp6 sum ok] ICMP6, [...]

There is "next-header Options" but the next header is printed "HBH".

After:
IP6 (hlim 1, next-header HBH (0), payload length 36)
  fe80::215:17ff:fecc:e546 > ff02::16: HBH (rtalert: 0x0000) (padn)
  [icmp6 sum ok] ICMP6, [...]

2) Destination Options Header

$ ./tcpdump  -tnv -r tests/erspan-type-iii-pb-1.pcap
Before:
IP6 (class 0x30, flowlabel 0x00001, hlim 1, next-header unknown (60),
  payload length 288) 4120:7467:1700:4200:143💯7f01:400e >
  4591:bfd7:cd87:d7:68:38:101:e800: DSTOPT (padn) [...]

There is "next-header unknown" but next header is printed "DSTOPT".

After:
IP6 (class 0x30, flowlabel 0x00001, hlim 1, next-header DSTOPT (60),
  payload length 288) 4120:7467:1700:4200:143💯7f01:400e >
  4591:bfd7:cd87:d7:68:38:101:e800: DSTOPT (padn) [...]

Moreover:
Update a ndo_protocol (s/hbhopt/hbh/).
Use nd_print_protocol_caps().

Update some test outputs accordingly.
2024-11-01 08:25:37 +00:00
Guy Harris
32e1896329 CHANGES: add a change backported to 4.99. [skip ci] 2024-10-31 12:04:55 -07:00
Guy Harris
a4221536d5 ip: set the snapshot length for the payload correctly.
Cut off the snapshot length to the end of the IP payload or the end of
the data in which it's contained, whichever comes first.
2024-10-31 11:28:37 -07:00
Guy Harris
d9355ee3f1 Don't hardwire the Windows system directory path.
Instead, fetch it with GetSystemDirectoryW() and append "\Npcap" to it.
2024-10-29 01:23:14 -07:00
Guy Harris
c2c2549677 erspan: add checks for data we don't print.
Make sure we don't run past the end of the captured data for fields we
skip in ERSPAN type III packets.

Add a test file.
2024-10-28 15:11:30 -07:00
Francois-Xavier Le Bail
fb3da61120 Appveyor: Run "git show --oneline -s"
It is used to identify the git HEAD.

[skip ci]
2024-10-27 14:20:36 +01:00
Francois-Xavier Le Bail
2f9f8d161f erspan: Rename two printers
Rename erspan_print_i_ii() to erspan_i_ii_print() and erspan_print_iii()
to erspan_iii_print(), with _print suffixes as in most similar cases.
2024-10-26 22:16:06 +02:00
Francois-Xavier Le Bail
a03bb3e8e5 build_matrix.sh: Add a "| cat" at the end of a git command
This can avoid a display pause problem with "less -S" as a git pager.

This is a folow-up to 2f0fc907b4.

[skip ci]
2024-10-25 10:38:31 +02:00
Francois-Xavier Le Bail
2f0fc907b4 build_matrix.sh: Run "git show --oneline -s"
It is used to identify the git HEAD.
2024-10-23 14:02:14 +02:00
Denis Ovsienko
ea7d94e2d8 Add vim swap files to .gitignore. [skip ci] 2024-10-23 12:15:58 +01:00
Francois-Xavier Le Bail
d0c66a2c2a Add --skip option to skip some packets before writing or printing
With this change, we can write/print some contiguous packets from a file.
We can also skip some packets doing a live capture.

The '--skip 0' option is allowed to help some loop in a shell script.

Examples:

Skip 3 packets when printing:
tcpdump -#n --skip 3 -r in.pcap

Write the sixth packet, if any:
tcpdump --skip 5 -c 1 -r in.pcap -w out.pcap

Write up to 5 packets after skipping 3:
tcpdump --skip 3 -c 5 -r in.pcap -w out.pcap
2024-10-23 07:23:47 +00:00
Francois-Xavier Le Bail
07a730a6f5 Juniper: Use the ND_ICHECKMSG_U() macro for a length check
It displays the reason for the "invalid" case.

Before:
    1  2015-05-19 13:34:16.720640  (invalid)
After:
    1  2015-05-19 13:34:16.720640  [cookie length 10 > 8] (invalid)

This is a follow-up to 8c7221d39b.

Add the poc test file from GitHub issue #783 (first packet).

Moreover:
Remove some extra blank lines.
2024-10-18 15:34:16 +02:00
Francois-Xavier Le Bail
6fa624334b Update the ND_TCHECK_LEN macro definitions
Avoid warnings such as in the following case:

        if (...)
                ND_TCHECK_LEN(...);
        else

With gcc:
source.c:X:12: warning: suggest explicit braces to avoid ambiguous
  'else' [-Wdangling-else]
    X |         if (...)
      |            ^

With clang:
source.c:Y:2: warning: add explicit braces to avoid dangling else
  [-Wdangling-else]
        else
        ^
2024-10-16 19:12:16 +00:00
Francois-Xavier Le Bail
2476b4caa0 Update the ND_ICHECKMSG_U and ND_ICHECKMSG_ZU macro definitions
Avoid errors such as in the following case:

        if (...)
                ND_ICHECKMSG_U(...);
	else

source.c:X:9: error: 'else' without a previous 'if'
    X |         else
      |         ^~~~

with gcc, or "error: expected expression" with clang.

This avoids the need to use explicit braces (dangling else).

Same for ND_ICHECK_U, ND_ICHECKMSG_ZU and ND_ICHECK_ZU.
2024-10-15 18:32:51 +00:00
Francois-Xavier Le Bail
dd2c53b069 PTP: Remove spaces before colons in output
Update four test outputs accordingly.
2024-10-12 14:29:23 +02:00
Francois-Xavier Le Bail
c4008014a9 Fix a few typos in comments
[skip ci]
2024-10-12 14:29:07 +02:00
Francois-Xavier Le Bail
7c01b1dc07 CHANGES: Add a change backported to 4.99
[skip ci]
2024-10-09 13:35:17 +02:00
Guy Harris
993a382e1d CHANGES: add a change backported to 1.10. [skip ci] 2024-10-08 22:11:12 -07:00
Guy Harris
89fc9f2161 Make tcpdump find wpcap.dll on Windows if it's not in the system library.
See https://npcap.com/guide/npcap-devguide.html#npcap-feature-native-dll-implicitly
for details on what's being done.

Fix #1226.
2024-10-08 21:39:41 -07:00
Francois-Xavier Le Bail
c20547acda Avoid some typo reports in comments
[skip ci]
2024-10-08 16:31:03 +02:00
Guy Harris
d958106f7b README.windows.md: Add VS 2022. [skip ci]
Also, put the "here's how to install CMake from Visual Studio" stuff
ahead of the "oh, and you can install it with Chocolatey" stuff.
2024-10-07 17:39:55 -07:00
Francois-Xavier Le Bail
09454b9bf2 LWAPP: Fix indentation for some ND_PRINT()
[skip ci]
2024-10-07 17:01:16 +02:00
Francois-Xavier Le Bail
f6b588a1f7 LWAPP: Fix indentation
s/^<tab>/<8 spaces>/

[skip ci]
2024-10-07 13:34:23 +02:00
Francois-Xavier Le Bail
679e78debf LWAPP: Use flag bit names closer to those in the RFC
L Bit: If set, it's not "Last Fragment", but "Not Last".

Add comments on flag bits.

Moreover:
Remove extra spaces in the output.
2024-10-02 21:51:25 +02:00
Denis Ovsienko
29d89054eb CREDITS: Update Robert Edmonds entry. [skip ci]
Same as in libpcap.
2024-10-02 18:15:35 +01:00
Francois-Xavier Le Bail
f6d81c3524 CHANGES: Add a change in the main section
[skip ci]
2024-10-01 20:06:39 +02:00
Francois-Xavier Le Bail
1729c1d31f NTP: Use GET_U_1() to replace a direct dereference 2024-09-30 20:23:34 +02:00
Francois-Xavier Le Bail
ebe47db276 CHANGES: Add a change backported to 4.99
[skip ci]
2024-09-30 18:08:07 +02:00
Francois-Xavier Le Bail
49fa8ff397 Fix a typo in a comment 2024-09-30 13:59:00 +02:00
Francois-Xavier Le Bail
ad5e31b10c Fix '-tt' option printing when time > 2106-02-07T06:28:15Z
Currently the printing with '-tt' option (unix time) is incorrect.

Some examples:
1) test: time_2106_overflow-tt
0.000000 IP 192.168.1.11.43966 > 209.87.249.18.53: UDP, length 56
Should be:
4294967296.000000 IP 192.168.1.11.43966 > 209.87.249.18.53: UDP, length 56
2) test: time_2107-tt
28315904.000000 IP 192.168.1.11.43966 > 209.87.249.18.53: UDP, length 56
Should be:
4323283200.000000 IP 192.168.1.11.43966 > 209.87.249.18.53: UDP, length 56

Two build examples:
64-bit build: tv->tv_sec has type '__time_t' (aka 'long').
32-bit build with _TIME_BITS=64: tv->tv_sec has type '__time64_t'
  (aka 'long long').

Using 'unsigned' cast is incorrect for these 64-bit data.

Thus convert to 'int64_t' and print with '"%" PRId64'.

Add two test cases (existing pcapng printed with -tt).
2024-09-28 14:01:32 +00:00
Francois-Xavier Le Bail
a41457a51a Add eight time test files with packet dates in 2038, 2039, 2106 and 2107
Each capture file contains one packet.

time_2038.pcap:		   2038-01-01 00:00:00
time_2038_max.pcap:	   2038-01-19 03:14:07
time_2038_overflow.pcap:   2038-01-19 03:14:08
time_2039.pcap:		   2039-01-01 00:00:00
time_2106.pcap:		   2106-01-01 00:00:00
time_2106_max.pcap:	   2106-02-07 06:28:15
time_2106_overflow.pcapng: 2106-02-07 06:28:16
time_2107.pcapng:	   2107-01-01 00:00:00

The packet time when > 2038-01-19T03:14:07Z cannot be correctly printed
if time_t size is 32 bits (overflow).
Some tests are run only if HAVE_TIME_T_64 is set. it depends on the
output of "./tcpdump --time-t-size" (32 or 64).

A 32-bit unsigned time_t goes until 2106-02-07T06:28:15Z.
All values above require a pcapng file.
2024-09-27 21:32:36 +00:00