Commit Graph

32 Commits

Author SHA1 Message Date
Francois-Xavier Le Bail
00ecef01d7 Add more nd_print_trunc() calls
Update the output of some tests accordingly.
2018-05-06 11:26:45 +02:00
Francois-Xavier Le Bail
56e6581c34 Remove useless comments 2018-03-19 15:16:32 +01:00
Francois-Xavier Le Bail
546558eabd Add the ndo_protocol field in the netdissect_options structure
Update this field in printer entry functions.
It will be used for some printings.
2018-03-16 19:44:47 +01:00
Guy Harris
fb2479d733 Always include <config.h> rather than "config.h".
This can prevent bizarre failures if, for example, you've done a
configuration in the top-level source directory, leaving behind one
config.h file, and then do an out-of-tree build in another directory,
with different configuration options.  This way, we always pick up the
same config.h, in the build directory.
2018-01-21 12:27:28 -08:00
Francois-Xavier Le Bail
513f782ae1 Use quoted include netdissect-stdinc.h instead of angle-bracketed one 2018-01-21 10:28:15 +01:00
Francois-Xavier Le Bail
e2982e7f6f Update ND_PRINT() as a variadic macro 2018-01-07 13:36:41 +01:00
Francois-Xavier Le Bail
d526e47658 Use ND_TTEST_SIZE()/ND_TCHECK_SIZE() macros (1/n) 2018-01-03 21:32:07 +01:00
Guy Harris
1755cb3e65 Split typesource into type and source fields.
This makes the dissection a bit clearer, and makes the dissecction of
extended and non-extended structures more similar.
2017-12-31 02:04:12 -08:00
Guy Harris
24520579a2 Use nd_ types. 2017-12-30 18:32:47 -08:00
Francois-Xavier Le Bail
84ef17ac0e Replace ND_TTEST2()/ND_TCHECK2() macros by macros using pointers (1/n)
ND_TTEST2(var, l)  -> ND_TTEST_LEN(p, l)
ND_TCHECK2(var, l) -> ND_TCHECK_LEN(p, l)
2017-12-11 22:11:01 +01:00
Francois-Xavier Le Bail
da20bc56d6 Rename EXTRACT_ macros
Now all the macros have a name meaning a count in bytes.

With _S_: signed, _U_: unsigned

e.g.:
EXTRACT_BE_32BITS -> EXTRACT_BE_U_4
EXTRACT_LE_32BITS -> EXTRACT_LE_U_4
...
EXTRACT_BE_INT32 -> EXTRACT_BE_S_4

and have:
EXTRACT_8BITS -> EXTRACT_U_1
EXTRACT_INT8  -> EXTRACT_S_1
2017-11-22 23:54:09 +01:00
Francois-Xavier Le Bail
577621026d Rename EXTRACT_nBITS() macros to EXTRACT_BE_nBITS()
It indicates clearly that these macros are used to extract big-endian
integral values.
2017-11-18 13:56:40 +01:00
Denis Ovsienko
413840cf18 Don't specify struct as "const" within sizeof().
The only difference the const qualifier makes in this context is visual,
make it consistent with the rest of the source code.
2017-09-13 13:33:02 +01:00
Francois-Xavier Le Bail
b38f324af9 Add a summary comment in all other printers
Moreover:
Remove some redundant comments
Update some summary comments
Update the specification URL for ATA over Ethernet (AoE) protocol
2016-08-15 22:42:38 +02:00
Francois-Xavier Le Bail
99c91c3aec Rename 'tcpdump-stdinc.h' to 'netdissect-stdinc.h'
Get the full log via: git log --follow netdissect-stdinc.h
2015-09-10 08:50:40 +02:00
Francois-Xavier Le Bail
c1c3c77463 Printers must include 'netdissect.h', not 'interface.h' 2015-09-05 23:35:58 +02:00
Francois-Xavier Le Bail
e8cd6c12e3 SFLOW: Fix bounds checking 2015-05-07 17:54:32 +02:00
Guy Harris
69cb46af91 Fix a bunch of de-constifications. 2015-04-26 17:24:42 -07:00
Denis Ovsienko
38700c7f24 dismiss NETDISSECT_REWORKED macro
The purpose of this macro was to enable the file-by-file switch to NDO,
after which only tcpdump.c had a use of it and the definitions guarded
by it. Update tcpdump.c not to require them any more and dismiss the
unused definitions.
2015-03-22 10:06:15 +00:00
Denis Ovsienko
60a835d80f clean K&R style up in function declarations a bit
The function body should have its opening brace on the next line.
2015-03-05 10:35:03 +00:00
Guy Harris
ed85e20e4d u_intN_t is dead, long live uintN_t.
And, as we require at least autoconf 2.61, and as autoconf 2.61 and
later have AC_TYPE_UINTn_T and AC_TYPE_INTn_T macros, we use them to
define the uintN_t and intN_t macros if the system doesn't define them
for us.

This lets us get rid of bitypes.h as well.
2014-04-23 00:20:40 -07:00
Guy Harris
1cde6435df Netdissectify the to-name resolution routines.
Have them take a netdissect_options * argument, and get the "no name
resolution" flag from it.

Move the declaration of dnaddr_string to addrtoname.h, along with the
other XXX-to-string routines.
2014-04-04 00:43:46 -07:00
Denis Ovsienko
59690cf6b7 NDOize BOOTP, DHCPv6, DNS, PIM and sFlow decoders
Also add/remove tabs in a few involved functions to justify indentation.
2014-03-25 23:27:23 +04:00
Denis Ovsienko
fe3253b9b8 remove tcpdump's own CVS keywords
Remove lots of $Header's and a few $Id's that all belong to the former
CVS repository of tcpdump itself. These keywords have been frozen since
the migration to git in late 2008.
2014-01-03 00:59:08 +04:00
Michael Richardson
ac910c086e ndo-ize print-ascii: hex_print_with_offset() 2014-01-01 21:31:18 -05:00
Michael Richardson
a97fb2f3ae whitespace changes 2014-01-01 21:31:18 -05:00
Ruben Kerkhof
f9e99345dd print-sflow.c: print agent_id instead of samples 2013-03-18 19:10:35 +01:00
Rick Jones
96c2a764eb The ifSpeed field of a generic interface counter in sFlow is 64 bits.
The "overlay" definition in print-sflow.c is correct, but the actual
extract for printing is using EXTRACT_32BITS rather than EXTRACT_64BITS,
which leads to an incorrect report for speed.

Reviewed-By: Guy Harris <guy@alum.mit.edu>
2011-06-02 10:56:08 -07:00
Rick Jones
5779709949 Handle the enterprise field of the sflow flow and counter record format.
Thanks to some traces sent my way by Gavin McCullagh, and a comparison
against the output of inMon's sflowtool, I can confidently say "Yes
Virginia, there is an enterprise other than zero."  Which means lest we
start trying to decode something as what it is not, we best actually
look at the enterprise field and make sure it is one we recognize.
2011-04-15 10:01:02 -07:00
Rick Jones
e6358eaba7 To enable printing of non-expanded samples I've shuffled a bunch of code
around and created a bunch of smaller routines to more easily support
printing of both expanded and non-expanded counter and flow samples.
I've done simple testing of non-expanded counter and flow, and expanded
counter, but I don't have expanded flow at present with which to test.
So, that part of the change is only compile/eyeball tested.

Reviewed-and-tweaked-by: Guy Harris <guy@alum.mit.edu>
2011-04-14 11:32:08 -07:00
Guy Harris
a9876473a2 Check the sample, flow, and counter lengths.
When dissecting a sample, or a flow or counter within the sample, make
sure we don't run past the length in the sample/flow/counter header.

This also means we count the sample length down as we process the
contents of the sample, so we only add what, if anything, remains of the
sample to the pointer into the packet, and subtract that from the
remaining data length in the packet, which means we properly handle
packets with multiple samples.
2011-04-04 19:03:56 -07:00
hannes
e7dc0250ec from Carles Kishimoto <carles.kishimoto@gmail.com>: add support for the SFLOW protocol 2007-08-08 17:20:58 +00:00