I've had problem replying to the list, so this is just a test.
BTW. tok2str() is still vulnerable.
- Original Message -
From: "Gisle Vanem" <[EMAIL PROTECTED]>
To: "tcpdump-workers" <[EMAIL PROTECTED]>
Sent: Wednesday, March 24, 2004 9:26 PM
Subje
I feel it's high time we cleanup some of the sources. I'd start
with savefile.c. Currently it doesn't work for offline data from stdin.
--gv
--- libpcap-2004.05.20/savefile.c Tue Mar 23 21:18:08 2004
+++ savefile.c Wed Mar 24 16:29:06 2004
@@ -52,6 +52,12 @@
#define TCPDUMP_MAGIC 0xa1b2c3d
"Guy Harris" <[EMAIL PROTECTED]> said:
> Also, is "setmode()" sufficient with all the compilers that could be
> used to compile libpcap/WinPcap on Windows (MSVC++, MinGW, etc.), or is
> "_setmode()" needed with some compilers? (The code currently uses
> "_setmode()".)
MSVC/MingW/CygWin have b
"Guy Harris" <[EMAIL PROTECTED]> said:
> Also, should we save the mode returned by "setmode()" and restore it
> when we close a "pcap_t" or "pcap_dumper_t" that refers to the standard
> input or output?
Since pcap_dump_close() doesn't have a pcap_t argument, where should
the oldmode come from?
> Since pcap_dump_close() doesn't have a pcap_t argument, where should
> the oldmode come from? Can we have two module globals; oldmode_stdin,
> oldmode_stdout, assuming stdin/stdout won't be opened for capture more
> than once?
I've added a 'long filemode' to 'struct pcap' (long since O_BINARY
http://www.tcpdump.org/daily/tcpdump-current.tar.gz
of a few minutes ago contains files from 22 July. i.e. the direcory
prefix is "tcpdump-2004.07.22".
Isn't the current file built by a cron job irrespective of any files having
been changed or not? Or has crond gone down or taken summer-holida
I've compiled tcpdump okay with these compilers and some
small changes.
Digital Mars doesn't allow conversion between unsigned
and signed without a cast. So this is needed:
--- tcpdump-2004.11.02/print-802_11.c Thu Sep 23 23:57:25 2004
+++ ./print-802_11.c Fri Oct 29 14:48:11 2004
@@ -964,7 +964,7
Some of the ifdefs for MingW/MSVC are completely unnecessary.
There should be no need for _errno() etc in the sources. Looks like
tcpdump was patched to suite a very old MingW. MingW also have
getnameinfo().
I've also added:
IPv6 capability to inet_pton.c. Courtesy of Paul Vixie.
inline ntohl(
"Guy Harris" wrote:
Does anything other than tcpdump.c and util.c need ? If not,
then there's no need to include in tcpdump-stdinc.h - you can
just move the include of in tcpdump.c outside of the #ifndef
WIN32.
is needed in missing/get*info.c and missing/inet*.c too. And in
machdep.c for __o
"Guy Harris" wrote:
Are there any OSes where ntohl() and ntohs() are defined as assembler
macros on x86? If so, we might not want to override those definitions,
if either
1) the OS is 486-and-later-only and uses the 32-bit byte-swapping
instruction for ntohl()
My version (ripped from Linux) sh
The recent (?) -G option requires gettimeofday() which isn't available
on Win32. Attached is a patch to util.c which adds this function.
--gv
--- tcpdump-2005.12.03/util.c Thu Jun 16 00:19:38 2005
+++ util.c Sat Dec 03 17:01:05 2005
@@ -526,3 +526,44 @@
else
print
The print-dccp.c file is rather gcc centric in the way it uses declarations
after code statements. E.g.:
TCHECK2(*dh_ack,8);
u_int32_t ack_low = dh_ack->dccph_ack_nr_low;
Which doesn't work in MSVC7.
The attached patch also removes the dccp_hdr_data() function.
It's not used and besides writ
This file is needed by print-bgp.c, print-ldp.c and print-rip.c, but missing
from the tar-ball. Should it be generated by configure? And the FILES list
af.c as well. That's missing too.
BTW. addrtoname.c on Win32 is missing ETHER_ADDR_LEN. A fix:
--- tcpdump-2006.02.25\addrtoname.c Sat Feb 1
"Guy Harris" <[EMAIL PROTECTED]> wrote:
No - it, and af.c, should probably be generated from the stuff removed
from print-bgp.c.
I've checked in versions of af.c and af.h generated that way.
netdissect.h isn't atomic; it needs ahead of it (from
tcpdump-stdinc.h). Hence:
--- tcpdump-2006.
FYI, trying "wget -S http://www.tcpdump.org/daily/tcpdump-current.tar.gz";
gives
HTTP/1.1 200 OK
Date: Mon, 15 May 2006 17:30:13 GMT
Server: Apache/2.0.54 (Debian GNU/Linux)
Last-Modified: Mon, 15 May 2006 05:04:03 GMT
ETag: "3f06-0-9d7836c0"
Accept-Ranges: bytes
Content-Length: 0
...
Ho
The recent pcap-win32.c adds these link types:
NdisMediumBare80211
NdisMediumRadio80211
Searching MS and Google came up blank on these. What
values should these have?
IMHO, something like this should be added to the top of pcap-win32.c:
#ifndef NdisMediumBare80211
#define NdisMediumBare80211
--- CVS-Latest/pcap.c Wed Oct 17 17:52:41 2007
+++ pcap.c Tue Nov 06 15:04:27 2007
@@ -789,7 +789,7 @@
int
pcap_setmintocopy(pcap_t *p, int size)
{
- return p->setintocopy_op(p, size);
+ return p->setmintocopy_op(p, size);
}
static int
--gv
-
This is the tcpdump-workers list.
The recent change for pcap_activate() broke the DOS-port.
Here's a small fix:
--- pcap-dos.c.orig Mon Apr 14 19:40:58 2008
+++ pcap-doc.cThu Apr 17 15:33:00 2008
@@ -97,10 +97,10 @@
static struct device *handle_to_device [20];
-static void pcap_activate_dos (pcap_t *p);
+static int pc
"Guy Harris" <[EMAIL PROTECTED]> wrote:
@@ -201,7 +202,7 @@
"Cannot use different devices simultaneously "
"(`%s' vs. `%s')", active_dev->name, pcap->md.device);
free (pcap);
-err = PCAP_ERROR;
+err = PCAP_ERROR_ACTIVATED;
PCAP_ERROR_ACTIVATED means you'
:06:13 2008
@@ -38,7 +38,7 @@
Fulko Hew
Gianluca Varenni
Gilbert Hoyek
- Gisle Vanem
+ Gisle Vanem
Graeme Hewson
Greg Stark
* gnuc.c not needed.
* sys/pack*.h was renamed in a recent Watt-32 distro.
--- msdos/pktdrvr.c.orig Sat Dec 18 07:52:14 2004
+++ msdos/pktdrvr.c Wed Dec 13 15:55:00 2006
@@ -21,7 +21,6 @@
#include
#include
-#include "gnuc.h"
#include "pcap-dos.h"
#include "pcap-int.h"
#include "msdos/pktdrv
"Guy Harris" <[EMAIL PROTECTED]> wrote:
So what *is* this case? The error message is "Cannot use different
devices simultaneously"; does that mean that you can have multiple
instances of the same device open at the same time, but you can't have
instances of more than one device open at the sa
What's up with the cvs access? I'm getting this error now:
no such user tcpdump in CVSROOT/passwd
when logging in with the command
cvs -d :pserver:[EMAIL PROTECTED]:/tcpdump/master login
--gv
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
bzero() and bcopy() are not universally available. But
memset() and memcpy() are AFAICS. Attached diffs-5.txt.
--gv
--- CVS-Latest/signature.c Sat Aug 16 10:36:20 2008
+++ signature.c Mon Sep 22 16:58:20 2008
@@ -83,10 +83,10 @@
*/
/* start out by storing key in pads */
-bzero
* Added header-guard.
* Include IP6_misc.h unconditionally (why treat MingW specially?)
--gv
--- CVS-Latest/pcap-stdinc.h Mon Oct 06 14:27:32 2008
+++ pcap-stdinc.hThu Feb 12 21:25:34 2009
@@ -30,6 +30,8 @@
*
* @(#) $Header: /tcpdump/master/libpcap/pcap-stdinc.h,v 1.11 2008-10-06
1
* nametoaddr.c with DECNETLIB defined needs
included. And which again needs .
* Remove "IP6_misc.h" since it's already included in pcap-stdinc.h
(ref. my patch to this file).
--gv
--- CVS-Latest/nametoaddr.cWed Feb 06 09:21:30 2008
+++ nametoaddr.c Mon Sep 22 16:04:13 2008
@@ -31
"Tyler Littlefield" wrote:
I rewrote my callback function to work a bit differently, but it's still giving
me weird sizes.
What do you mean exactly?
in capt_h():
ip_hdr* ip=(ip_hdr*)(packet+sizeof(ether_hdr));
cout << "From: " << inet_ntoa(ip->ip_src) << "\t\t" << "to: " << inet_ntoa(ip->
the size of the Ip works, but when I get the tcp packet, things don't work
as planned--it gives invalid ports.
I see:
tcp = (tcp_hdr *) ((packet + sizeof (ether_hdr)) + ip_size);
cout << "Source port: " << tcp->th_sport << "\t\tDestination port: " << tcp->th_dport <<
"." << endl;
You forgot
A small patch to make this file compile on Windows:
--- Git-latest/findalldevstest.c Tue Feb 17 16:55:35 2009
+++ findalldevstest.c Wed Feb 18 12:45:00 2009
@@ -4,10 +4,13 @@
#include
#include
+
+#ifndef WIN32
#include
#include
#include
#include
+#endif
#include
--
--gv
-
T
"Guy Harris" wrote:
Send us a patch, submit it on SourceForge, or do whatever the shiny new Git
magic
is for that (Michael, how do people do that?).
This is what I do (and what the sourceforge page [1] states). 1st time
checkout:
git clone git://bpf.tcpdump.org/libpcap
Then "git fetch"
"Michael Richardson" wrote:
I hope that things work okay.
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
uses a cacert.org certificate. visit www.cacert.org to load it into
your browser.
I can ping the host, but it doesn't reply at the TCP-level:
nmap -sT -p443 209.87.252.
It doesn't matter much for folks with case-insensitive file-systems, but
the Git-repo contains these two directories:
https://github.com/mcr/tcpdump/tree/master/win32
https://github.com/mcr/tcpdump/tree/master/Win32
Maybe the files under 'Win32' should be moved into 'win32'?
PS. I'm trying to
It doesn't matter much for folks with case-insensitive file-systems, but
the Git-repo contains these two directories:
https://github.com/mcr/tcpdump/tree/master/win32
https://github.com/mcr/tcpdump/tree/master/Win32
Maybe the files under 'Win32' should be moved into 'win32'?
--gv
This file doesn't compile using MSVC v16 (from VC-Express 2010)
because it has variable definitions after statements ('<< problem X' below).
tcpdump should be in pure C, not C++ or gcc features. Right?
Patch:
--- Git-Latest\print-dhcp6.cThu Feb 28 16:10:44 2013
+++ print-dhcp6.c Mon
This file has fallen behind since pcap_create() was put in
pcap.c long time ago (a more generic create-function). Hence:
--- Git-Latest\pcap-dos.c Wed Nov 28 23:41:44 2012
+++ pcap-dos.c Thu Nov 29 00:00:12 2012
@@ -143,7 +143,7 @@
return handle_to_device [fd-1];
}
-pcap_t *pcap_create
"Michael Richardson" wrote:
If one wants to add -W options to the standard build, I'm wondering what
the right autoconf magic is to enable such a thing. fxlb suggested:
"-Wunused -Wunused-parameter"
I compile using MingW (gcc 4.7.2) and normally I use
-Wall -W.
But this gives tons of warni
This is a similar patch to the change of pcap-dos.c:
https://github.com/mcr/libpcap/commit/73b5f0387199fbaa75130837b931faf770471640
I.e. the '_interfaces' suffix got lost in some other change to the puplic API.
(I don't know when). Since 'pcap_findalldevs()' is now a more generic version in
pca
"Guy Harris" wrote:
'NameLength = 0' is just in case 'PacketGetAdapterNames()' fails
w/o setting '*NameLength == 0'. It really could do that; ref. Packet32.c in
WinPcap.
Really? I don't see that. (The first call should *always* "fail", in the sense of
returning FALSE; if the cause of the
I really don't understand the motivation behind the Win32-code
for pcap_compile(). In gencode.c:
int
pcap_compile(pcap_t *p, struct bpf_program *program,
const char *buf, int optimize, bpf_u_int32 mask)
{
int result;
EnterCriticalSection(&g_PcapCompileCriticalSection);
result = pcap_compil
"Denis Ovsienko" wrote:
is anybody else willing to review this pull request?
https://github.com/the-tcpdump-group/tcpdump/pull/324
I just did a build with MSVC after a new checkout of
https://github.com/the-tcpdump-group/tcpdump.git
It didn't work out-of-the box because my MSVC (v16 from
"Denis Ovsienko" wrote:
And must go on Windows:
I addressed this in a little cleaner way. The changes are in the master branch
now, could you check?
Works fine with MSVC. I've added a comment on print-carp.c:
https://github.com/the-tcpdump-group/tcpdump/commit/9a68bf303ada7a69d853eeefa0
'int32_t' isn't 'int' for all targets. Some Windows targets have
it defined as 'signed int' in . So print-nfs.c
does not compile cleanly; conflicting definition of xid_map_find().
A fix:
--- Git-Latest/print-nfs.c 2013-07-03 09:24:42 +
+++ print-nfs.c 2013-07-04 07:39:33 +
@@ -981,7
"Denis Ovsienko" wrote:
10.07.2013, 15:18, "Gisle Vanem" :
'int32_t' isn't 'int' for all targets. Some Windows targets have
it defined as 'signed int' in . So print-nfs.c
does not compile cleanly; conflicting definition of xid_map_find()
'struct pcap' has a member:
void *private; /* private data for methods */
Which doesn't work so well when including pcap-int.h
from a C++ program. The file looks to be meant for C++
because of:
#ifdef __cplusplus
extern "C" {
#endif
Can this be renamed to 'priv' or '_private' ?
--gv
__
"Lentes, Bernd" wrote:
I'd like to capture all packets which have the same MAC-address for sender and
destination.
But i don't know the MAC which is causing these messages. So i have to use an
universal filter.
I tried to use "tcpdump 'ether[8:6] = ether[14:6]'". Beginning with byte 8 is the
Guy Harris alum.mit.edu> writes:
> The tcpdump/libpcap RCS/CVS IDs serve no purpose now that
> libpcap and tcpdump are kept in Git, as far as I can see.
Then you (or someone else) can change the WIN32 version stuff:
char WDversion[]="current-cvs.tcpdump.org";
#if !defined(HAVE_GENERATE
Building windump using MingW + gcc 4.7.2, I get:
print-rx.c: In function 'fs_print':
print-rx.c:929:4: warning: unknown conversion type character 'T' in format
[-Wformat]
print-rx.c:933:4: warning: unknown conversion type character 'T' in format
[-Wformat]
This comes from the macro DATEOUT()
The prototype and implementation of 'zmtp1_print_datagram()'
is slightly different; the prototype has a 'const u_int len' as the last
parameter. Whereas the implementation has no 'const'. Hence
I get a warning from MSVC. Hence:
diff -u3 Git-Latest/print-zeromq.c ./print-zeromq.c
--- Git-Latest/pr
"François-Xavier Le Bail" wrote:
Is it not better to add const in the propotype ?
Comparing to other print-function with a 'len' as last parameter,
I think not. Looking through interface.h for *_print() functions, only these
have a 'const u_int' as last arg:
openflow_print, ahcp_print.
IMHO
I'm sure my old MSVC v16 has a bit stupid C-preprocessor. At least when
expanding this (line 153):
ND_PRINT((ndo, "%s%s", sep,
#ifdef INET6
ip6addr_string(cp)
#else
"(compiled w/o IPv6)"
#endif /* INET6 */
into this (all on one line):
(*ndo->ndo_printf)(ndo, "%s%s", sep
"Gisle Vanem" wrote:
I'm sure my old MSVC v16 has a bit stupid C-preprocessor. At least when
expanding this (line 153):
Now this C-preprocessor "bug" got me into problems with print-olsr.c too.
A patch:
--- Git-Latest/print-olsr.c 2014-04-02 17:02:01 +
+++ pr
I note that a local "Win32/include/errno.h" is shadowing for the
real which is not nice. And shouldn't sys-headers come first
in missing/inet_pton.c?
#include
#include
Since MSVC's has a 'EAFNOSUPPORT', but MingW+Watcom
does not, I think it's cleaner to remove the local Win32/include/e
The use of function parse_elements() in print-802_11.c looks a bit fishy.
E.g. in handle_beacon():
ret = parse_elements(ndo, &pbody, p, offset, length);
PRINT_SSID(pbody);
PRINT_RATES(pbody);
Here parse_elements() has set 'pbody.ssid' to a local (on stack)
SSID in it's 'struct ssid_t ssid':
i
Here are some errors in lost parenthesis errors I've found when building using
MSVC:
diff -Hb -u3 Git-Latest/print-802_15_4.c ./print-802_15_4.c
--- Git-Latest/print-802_15_4.c 2014-04-10 23:49:50 +
+++ ./print-802_15_4.c 2014-04-15 13:22:13 +
@@ -143,7 +143,7 @@
p
Yang Luo wrote:
> 1) Modified the CMakeLists.txt Line 3 from
> set( PROJECT_NAME pcap )
> to
> set( PROJECT_NAME wpcap )
> I thought the output binary should be wpcap.dll instead of pcap.dll, so I
> just changed it, I don't know if this is the correct move..
No, it seems be require "set( PROJECT_
Yang Luo wrote:
> But the trunk code of libpcap is lower-case,
> see https://github.com/the-tcpdump-group/libpcap/blob/master/CMakeLists.txt
I don't know how Cmake translates a ${PROJECT_NAME} into '-DBUILDING_pcap'.
(and I don't really care to learn the contorted mess called Cmake).
> And in fa
Yang Luo wrote:
> Given that WinDump is kind of "official" example to use libpcap/Npcap API,
> it's not good that they can't compile.
Why do you say that? IMHO, tcpdump/WinDump at:
https://github.com/the-tcpdump-group/tcpdump.git
is the "official". Works fine for me on Windows. Have you tried
57 matches
Mail list logo
