There was an invalid ND_TCHECK_LEN(), thus the AIGP metric attribute
at the end of an update message was incorrectly shown as truncated.
Remove it because the data fetching is secured by GET_BE_U_8 and
print_unknown_data.
Add a test file with AIGP attribute at the end of an update message.
This should fix GitHub issue #975.
Remark:
This code need more updates on length checks to change some 'truncated'
process to 'invalid' process.
New option `--print-sampling=NTH` will parse and print every NTH packet,
with all other packets producing no output. This option enables
`--print` and `-S` flags.
Print sampling is useful for real-time inspection of an interface with
a high packet rate, or initial inspection of large capture files.
In print-openflow-1.0.c and print-openflow-1.3.c replace the remaining
"goto invalid" checks with ND_ICHECK_U() and ND_ICHECKMSG_U(). Redo the
changes from commit 1ce16ea: use the same order of arguments and the
same comparison operators as before the change and lose the unsigned
compensation, which is no longer required. Add another test case using
a malformed packet from Francois-Xavier.
For OFPT_PACKET_OUT print "actions_len", as it is a part of the message
and should appear in its decoding (in other message types it is derived
from the message length).
ND_ICHECK_*() in of10_actions_print(), of10_flow_stats_reply_print() and
of10_packet_out_print() after printing at least some of the output.
This, compared to just "(invalid) (invalid)", makes it much easier to
understand where and why the packet data was not fully decoded. Define
OF_ACTION_MINLEN unsigned to squelch the induced compiler warnings. A
number of similar checks still remain to be converted the same way.
The 4 MSBs of the VID is stored in the lower nibble of the tag's third
byte.
Previously the priority bits where folded into the VID space, e.g. a
packet with VID=1 and priority 6 was printed as having a VID of
1537 (0x601).
Add DSA test PCAPs with packets containing a high VID and non-zero
FPri values to make sure we catch any future regressions.
Signed-off-by: Tobias Waldekranz <tobias@waldekranz.com>
The newly added pcap file contains a Mesh Beacon frame, a Wildcard Probe
Request and a Mesh Probe Response. The test case checks if the "Mesh ID"
field is properly parsed by the IEEE 802.11 printer.
Sun C 5.9 does not support C99. GCC 4.6.4 recognizes -std=gnu99, but
does not support the z length modifier in printf(3). In either case 18
tests fail in the following manner:
< [...]: domain [length 0 < 12] (invalid)
---
> [...]: domain [length 0 < zu] (invalid)
Make these tests conditional and disable them when HAVE_NO_PRINTF_Z is
defined. Modify the Autoconf leg of the build process to define the
macro when printf() does not handle %zu as expected. The CMake leg looks
broken on Solaris 9 with 2.8.9 now, so leave it be for now.
Add support for SBFD on UDP port 7784. SBFD is different
in that packets from the reflector will be sent with *source*
port 7784; in all other BFD mechanisms, it is only the
destination port that matters. For SBFD print-udp.c has to
check both source and destination port.
Add missing GET_U_1() wrappers to cover struct igrprte properly again,
also deduplicate some code.
This fixes a buffer over-read introduced in a recent commit 09b9aad and
discovered by Hardik Shah.
Add a test using the capture file supplied by the reporter.
If the upper 2 bits of a label/pointer value are 10, treat that as an
error.
If a name is longer than 255 characters, treat that as an error.
This prevents some long loops with malformed packets, as found by Hardik
Shah.
print "v1-echo" if the echo bit is set in the ADD_ADDR suboption (see
RFC8684 §3.4.1). While at it, dissect the 4 bits after the MPTCP option
subtype when the value is "ADD_ADDR" (0x3), according to protocol v0 and
v1. Add a selftest with a capture taken from a recent Linux kernel
implementation, and fix printout of add-addr in the existing selftests.
Signed-off-by: Davide Caratti <dcaratti@redhat.com>
During development of LSP ping, the embedded timestamps were
changed from struct timeval to NTP time, so update the printer
to match the RFC.
(Cherry-picked from GH #874.)
The SRv6 network programming defines a new IP protocol number [1].
The new protocol number is used in the Next Header field of an IPv6 header
or any extension header indicates that the payload is an Ethernet.
IANA has assigned 143 as the protocol number of ethernet [2].
The SRv6 packet has the following format:
IPv6 HDR + SRH + Ethernet HDR + IPv4/IPv6 packet
This patch allows TCPDUMP to dissect such SRv6 packets.
[1] https://tools.ietf.org/html/draft-ietf-spring-srv6-network-programming-16#section-9.1
[2] https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
Signed-off-by: Ahmed Abdelsalam <ahabdels@gmail.com>
As per IEEE std 802.1-AB-2009, 802.3 link aggregation TLV has been
deprecated and link aggregation TLV has been added as an 802.1
TLV. Support for this is given.
This is a follow-up to commit 25687e1a31.
These files come from the Wireshark menagerie:
0031419.pcap (link type 160) and 5632-Raw_D-BUS.cap (first two packets).
Adapted from GitHub pull request #798.
Print " (invalid)" when combinations of V-Flag and L-Flag are invalid.
Update comments (draft -> RFC).
Remove some ND_TCHECK_LEN because GET_ use.
Update the output of isis_sid test because commit
b09710dfcd updated the output format
of the IS-IS dissector.
