Re: [tcpdump-workers] [PATCH] enable sniff on USB ports on linux
On Thu, Sep 28, 2006 at 05:04:59PM -0400, Michael Richardson wrote:
> I think that we can:
> a) ask LBL folks if we can move to 3-clause. That's OK.
> b) ping all people in CREDITS, and wait a month.

Well, but then you need to replace the code of everyone who has not
answered - not answering does not mean consent to a license change.

ciao
Joerg
--
Joerg Mayer <[EMAIL PROTECTED]>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
Re: [tcpdump-workers] [PATCH] enable sniff on USB ports on linux
On Thu, Sep 28, 2006 at 01:17:17PM -0700, Guy Harris wrote:
> 1) The rest of libpcap is licensed under the Berkeley license, with
> some of it under the four-clause Berkeley license, which isn't
> compatible with the GPL:
>
> http://www.gnu.org/licenses/license-list.html#GPLIncompatibleLicenses

Oops!! So basically all GPLv2 software that links against libpcap is in
violation of the GPL. Basically that means that wireshark cannot be linked
against libpcap?

Ciao
Joerg
--
Joerg Mayer <[EMAIL PROTECTED]>
Re: [tcpdump-workers] [PATCH] fix usb off by one
On Sun, Oct 15, 2006 at 07:35:36PM +0200, Paolo Abeni wrote:
> p.s. the gettimeofday syscall gives some overhead to the sniffing code,
> but currently the text interface provided by the kernel is IMHO the real
> bottleneck.

Could you post a kernel-patch that fixes the worst problems with the
interfaces without breaking libpcap? I'm thinking of the timestamp problem
and the incomplete captures - so in case I want a complete capture or better
timestamps I could just apply your patch and rebuild the kernel?

thanks
Joerg

PS: OK, the timestamps have already been worked around and might not be
doable without breaking the ABI but the capture thing should.
--
Joerg Mayer <[EMAIL PROTECTED]>
Re: [tcpdump-workers] [Wireshark-users] Filtering both vlan-tagged as untagged frames with an ip-filter
From a thread at wireshark-users, but this concerns libpcap.

On Tue, May 01, 2007 at 11:38:26PM -0700, Guy Harris wrote:
> Does it count as a bug if it's documented to work that way? :-)
>
> To quote the OS X 10.4.9 tcpdump man page (this isn't WinPcap-specific -
> it's common to all libpcap/WinPcap implementations):

Well, it's not a bug per se, but I really think that the capture syntax
manpage should be part of libpcap and not of tcpdump. I know of a few
systems that have wireshark installed but not tcpdump. Also, it is possible
to build tcpdump with older versions of libpcap where the capture syntax
might be different.

Would a patch to move the capture syntax into its own manpage and into the
libpcap package be acceptable? If so, I'm willing to produce one.

ciao
Joerg
--
Joerg Mayer <[EMAIL PROTECTED]>
Re: [tcpdump-workers] [Wireshark-users] Filtering both vlan-tagged
On Wed, May 02, 2007 at 10:53:02AM -0700, Guy Harris wrote:
> However, I'm not sure the libpcap man page is the right place, either,
> as it'll be lost amidst a bunch of details of interest only to people
> writing code that uses libpcap.

pcap-filter(4) will be it for the start then.

ciao
Joerg
--
Joerg Mayer <[EMAIL PROTECTED]>
Re: [tcpdump-workers] libpcap license?
On Fri, Sep 14, 2007 at 04:36:20PM +0200, Luis Martin Garcia wrote:
> - From the LICENSE file in libpcap source:
>
> License: BSD
>
> Redistribution and use in source and binary forms, with or without
> modification, are permitted provided that the following conditions
> are met:
>
> 1. Redistributions of source code must retain the above copyright
> notice, this list of conditions and the following disclaimer.
> 2. Redistributions in binary form must reproduce the above copyright
> notice, this list of conditions and the following disclaimer in
> the documentation and/or other materials provided with the
> distribution.
> 3. The names of the authors may not be used to endorse or promote
> products derived from this software without specific prior
> written permission.
>
> THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
> IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
> WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

And from the License in some of the source files (one of many is pcap-bpf.h):

/*-
 * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
 * The Regents of the University of California. All rights reserved.
 *
 * This code is derived from the Stanford/CMU enet packet filter,
 * (net/enet.c) distributed as part of 4.3BSD, and code contributed
 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence
 * Berkeley Laboratory.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *      This product includes software developed by the University of
 *      California, Berkeley and its contributors.
 * 4. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * @(#) $Header: /tcpdump/master/libpcap/pcap-bpf.h,v 1.50 2007/04/01 21:43:55 guy Exp

From my understanding, both licenses are valid and must be fulfilled

ciao
Joerg
--
Joerg Mayer <[EMAIL PROTECTED]>
Re: [tcpdump-workers] Pcap header file
On Thu, Sep 27, 2007 at 01:46:00AM -0700, Win wrote:
>
> Recently I have installed tcpdump and libpcap on Linux Fedora 7 ( MoonShine )
> my problem is I am unable to find out pcap.h and start my first program in
> libpcap.

Maybe there is a libpcap-devel package?

Ciao
Joerg
--
Joerg Mayer <[EMAIL PROTECTED]>
Re: [tcpdump-workers] Announce: tcpdump 3.9.8 and libpcap 0.9.8 released
On Mon, Oct 01, 2007 at 09:16:00PM -0400, Michael Richardson wrote:
> So, the idea was that "releasetar" target (in the Makefile), couldn't
> be run until you had actually done at least ./configure, and ideally, a
> make and a make test.
>
> Unfortunately, it also encourages one to do a release from a dirty
> directory. Suggestions...?

I've seen the following code using svn, maybe something along the lines is
doable with cvs as well?

vpnc-%.tar.gz :
	mkdir vpnc-$*
	svn info -R | awk -v RS='\n\n' -v FS='\n' '/Node Kind: file/ {print substr($$1,7)}' | \
		tar cT - | tar xC vpnc-$*/
	tar zcf ../$@ vpnc-$*
	rm -rf vpnc-$*

Ciao
Joerg
--
Joerg Mayer <[EMAIL PROTECTED]>
[tcpdump-workers] Patch: Split out pcap-filters from tcpdump manpage
Sometimes I find patches that I was sure I had sent ages ago. This is one of them - updated to current cvs. Move the pcap filter syntax into its own manpage. If that patch is acceptable, I'll send another patch that removes it from the tcpdump manpage and references the new one instead. Ciao Joerg -- Joerg Mayer <[EMAIL PROTECTED]> We are stuck with technology when what we really want is just stuff that works. Some say that should read Microsoft instead of technology. Index: Makefile.in === RCS file: /tcpdump/master/libpcap/Makefile.in,v retrieving revision 1.108 diff -u -r1.108 Makefile.in --- Makefile.in 24 Jul 2007 02:36:34 - 1.108 +++ Makefile.in 28 Dec 2007 01:00:58 - @@ -190,6 +190,10 @@ (mkdir -p $(DESTDIR)$(includedir); chmod 755 $(DESTDIR)$(includedir)) [ -d $(DESTDIR)$(includedir)/pcap ] || \ (mkdir -p $(DESTDIR)$(includedir)/pcap; chmod 755 $(DESTDIR)$(includedir)/pcap) + [ -d $(DESTDIR)$(mandir)/man3 ] || \ + (mkdir -p $(DESTDIR)$(mandir)/man3; chmod 755 $(DESTDIR)$(mandir)/man3) + [ -d $(DESTDIR)$(mandir)/man4 ] || \ + (mkdir -p $(DESTDIR)$(mandir)/man4; chmod 755 $(DESTDIR)$(mandir)/man4) $(INSTALL_DATA) $(srcdir)/pcap/pcap.h \ $(DESTDIR)$(includedir)/pcap/pcap.h $(INSTALL_DATA) $(srcdir)/pcap/bpf.h \ @@ -205,10 +209,10 @@ $(DESTDIR)$(includedir)/pcap-bpf.h $(INSTALL_DATA) $(srcdir)/pcap-namedb.h \ $(DESTDIR)$(includedir)/pcap-namedb.h - [ -d $(DESTDIR)$(mandir)/man3 ] || \ - (mkdir -p $(DESTDIR)$(mandir)/man3; chmod 755 $(DESTDIR)$(mandir)/man3) $(INSTALL_DATA) $(srcdir)/pcap.3 \ $(DESTDIR)$(mandir)/man3/pcap.3 + $(INSTALL_DATA) $(srcdir)/pcap-filter.4 \ + $(DESTDIR)$(mandir)/man4/pcap-filter.4 install-shared: install-shared-$(DYEXT) install-shared-so: libpcap.so Index: packaging/pcap.spec.in === RCS file: /tcpdump/master/libpcap/packaging/pcap.spec.in,v retrieving revision 1.1 diff -u -r1.1 pcap.spec.in --- packaging/pcap.spec.in 30 Nov 2003 04:45:14 - 1.1 +++ packaging/pcap.spec.in 28 Dec 2007 01:01:01 - 
@@ -29,10 +29,6 @@ %install rm -rf $RPM_BUILD_ROOT -mkdir -p $RPM_BUILD_ROOT/usr/{lib,include} -mkdir -p $RPM_BUILD_ROOT/usr/share/man -mkdir -p $RPM_BUILD_ROOT/usr/include/net -mkdir -p $RPM_BUILD_ROOT/usr/man/man3 make install DESTDIR=$RPM_BUILD_ROOT mandir=/usr/share/man cd $RPM_BUILD_ROOT/usr/lib V1=`echo @VERSION@ | sed 's/\\.[^\.]*$//g'` @@ -45,12 +41,6 @@ ln -sf libpcap.so.$V1 libpcap.so fi -#install -m 755 -o root libpcap.a $RPM_BUILD_ROOT/usr/lib -#install -m 644 -o root pcap.3 $RPM_BUILD_ROOT/usr/man/man3 -#install -m 644 -o root pcap.h $RPM_BUILD_ROOT/usr/include -#install -m 644 -o root pcap-bpf.h $RPM_BUILD_ROOT/usr/include/net -#install -m 644 -o root pcap-namedb.h $RPM_BUILD_ROOT/usr/include - %clean rm -rf $RPM_BUILD_ROOT @@ -59,6 +49,7 @@ %doc LICENSE CHANGES INSTALL.txt README.linux TODO VERSION CREDITS packaging/pcap.spec /usr/lib/libpcap.a /usr/share/man/man3/* +/usr/share/man/man4/* /usr/include/pcap.h /usr/include/pcap-bpf.h /usr/include/pcap-namedb.h --- /dev/null 2007-12-19 15:57:34.0 +0100 +++ pcap-filter.4 2007-12-28 02:03:32.0 +0100 
@@ -0,0 +1,996 @@ +.\" @(#) $Header: /pcap-filter/master/pcap-filter/pcap-filter.1,v 1.183 2007/03/11 04:38:19 guy Exp $ (LBL) +.\" +.\" $NetBSD: pcap-filter.8,v 1.9 2003/03/31 00:18:17 perry Exp $ +.\" +.\" Copyright (c) 1987, 1988, 1989, 1990, 1991, 1992, 1994, 1995, 1996, 1997 +.\" The Regents of the University of California. All rights reserved. +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that: (1) source code distributions +.\" retain the above copyright notice and this paragraph in its entirety, (2) +.\" distributions including binary code include the above copyright notice and +.\" this paragraph in its entirety in the documentation or other materials +.\" provided with the distribution, and (3) all advertising materials mentioning +.\" features or use of this software display the following acknowledgement: +.\" ``This product includes software developed by the University of California, +.\" Lawrence Berkeley Laboratory and its contributors.'' Neither the name of +.\" the University nor the names of its contributors may be used to endorse +.\" or promote products derived from this software without specific prior +.\" written permission. +.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED +.\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF +.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. +.\" +.TH PCAP-FILTER 4 "17 Novembe
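Review bot: the Makefile.in install hunks hard-code the manual section as `man4` (`$(DESTDIR)$(mandir)/man4/pcap-filter.4`), and section 4 holds device and driver pages on Linux and the BSDs while System V style layouts put file formats there, so a filter-syntax page lands in a different category depending on the platform. Consider making the section a configure-time substitution, and add the matching removal to any uninstall rule, since the Makefile.in part of this patch contains only the two install hunks.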
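Review bot: in the packaging/pcap.spec.in `%files` hunk, `+/usr/share/man/man4/*` claims every man4 page found under the build root rather than the one file this patch installs; naming `pcap-filter.4*` keeps the package from picking up unrelated pages. The `%install` hunk also drops `mkdir -p $RPM_BUILD_ROOT/usr/{lib,include}` while the following `cd $RPM_BUILD_ROOT/usr/lib` stays, and the Makefile.in install hunk shown here only creates the include and man directories, so it is worth confirming that `make install` creates `usr/lib` under `DESTDIR` before the spec relies on it.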
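Review bot: the first lines of the new pcap-filter.4 carry `$Header: /pcap-filter/master/pcap-filter/pcap-filter.1,v 1.183 ...` and `$NetBSD: pcap-filter.8,v 1.9 ...`, which read like a global rename that also hit the RCS keywords of the page this text was taken from; those paths and revisions do not describe this file. Either keep the original ids unchanged as a provenance note or drop them and let CVS expand a fresh `$Header$`. The copyright block also has `All rights reserved.` twice on consecutive lines.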
Re: [tcpdump-workers] Patch: Split out pcap-filters from tcpdump manpage
On Fri, Dec 28, 2007 at 02:17:46AM +0100, Joerg Mayer wrote:
> Sometimes I find patches that I was sure I had sent ages ago. This is
> one of them - updated to current cvs.
>
> Move the pcap filter syntax into its own manpage. If that patch is
> acceptable, I'll send another patch that removes it from the tcpdump
> manpage and references the new one instead.

Any feedback on this?

Ciao
Joerg
--
Joerg Mayer <[EMAIL PROTECTED]>
Re: [tcpdump-workers] Patch: Split out pcap-filters from tcpdump
On Sun, Jan 06, 2008 at 01:26:35PM -0800, Guy Harris wrote:
> Joerg Mayer wrote:
> >Sometimes I find patches that I was sure I had sent ages ago. This is
> >one of them - updated to current cvs.
> >
> >Move the pcap filter syntax into its own manpage.
>
> I've checked that into the main and 1.0 branches, with some edits, along
> with updates to:
[...]

Thanks - I was bound to miss some places.

> The patches to the RPM spec got rid of some mkdir commands and
> commented-out install commands; is that because those are taken care of
> automatically with current RPM generation software?

Actually, I assumed that it gets taken care of by the "make install ..."
command, so I removed just some redundancy. And stuff that's commented out
isn't too helpful either (and should also be taken care of by make install).

Another thing I was thinking about: Looking at distributions, the specfile
is normally called libpcap.spec, not pcap.spec. There are other things which
are typical to Linux distros, so I'll not talk about this further in this
mail but cover that in a new thread later this week, once I've looked at
more distributions.

> >If that patch is
> >acceptable, I'll send another patch that removes it from the tcpdump
> >manpage and references the new one instead.
>
> The tcpdump man page should probably continue to list the examples, and
> continue to indicate what the requirements are for filters on the
> command line (e.g., quoting to avoid shell processing of parentheses).
> The pcap-filter.4 man page shouldn't discuss that, as the string might
> be typed on the command line, or in some form of non-shell input, or in
> a file, or even in a source file for an application with a wired-in
> filter string.

Hopefully I've managed to do that in the attached patch.

Thanks!
Joerg
--
Joerg Mayer <[EMAIL PROTECTED]>
Joerg Mayer <[EMAIL PROTECTED]>: - Remove the capture syntax from the tcpdump manpage, as it has its own manpage now inside the libpcap package. - Reference the new pcap-filter(4) manpage to explain the expression syntax. - Clarify the multiple arguments case. - Fix one tpyo. - Remove reference to [EMAIL PROTECTED] and request that patches be sent to the standard mailing list instead. Index: tcpdump.1 === RCS file: /tcpdump/master/tcpdump/tcpdump.1,v retrieving revision 1.187 diff -u -r1.187 tcpdump.1 --- tcpdump.1 18 Nov 2007 02:47:24 - 1.187 +++ tcpdump.1 6 Jan 2008 23:22:22 - @@ -22,7 +22,7 @@ .\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF .\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. .\" -.TH TCPDUMP 1 "17 November 2007" +.TH TCPDUMP 1 "07 January 2008" .SH NAME tcpdump \- dump traffic on a network .SH SYNOPSIS 
@@ -659,783 +659,16 @@ Otherwise, only packets for which \fIexpression\fP is `true' will be dumped. .LP -The \fIexpression\fP consists of one or more -.I primitives. -Primitives usually consist of an -.I id -(name or number) preceded by one or more qualifiers. -There are three -different kinds of qualifier: -.IP \fItype\fP -qualifiers say what kind of thing the id name or number refers to. -Possible types are -.BR host , -.B net , -.B port -and -.BR portrange . -E.g., `host foo', `net 128.3', `port 20', `portrange 6000-6008'. -If there is no type -qualifier, -.B host -is assumed. -.IP \fIdir\fP -qualifiers specify a particular transfer direction to and/or from -.IR id . -Possible directions are -.BR src , -.BR dst , -.BR "src or dst" , -.BR "src and dst" , -.BR addr1 , -.BR addr2 , -.BR addr3 , -and -.BR addr4 . -E.g., `src foo', `dst net 128.3', `src or dst port ftp-data'. -If -there is no dir qualifier, -.B "src or dst" -is assumed. -The -.BR addr1 , -.BR addr2 , -.BR addr3 , -and -.B addr4 -qualifiers are only valid for IEEE 802.11 Wireless LAN link layers. -For some link layers, such as SLIP and the ``cooked'' Linux capture mode -used for the ``any'' device and for some other device types, the -.B inbound -and -.B outbound -qualifiers can be used to specify a desired direction. -.IP \fIproto\fP -qualifiers restrict the match to a particular protocol. -Possible -protos are: -.BR ether , -.BR fddi , -.BR tr , -.BR wlan , -.BR ip , -.BR ip6 , -.BR arp , -.BR rarp , -.BR decnet , -.B tcp -and -.BR udp . -E.g., `ether src foo', `arp net 128.3', `tcp port 21', `udp portrange -7000-7009', `wlan addr2 0:2:3:4:5:6'. -If there is -no proto qualifier, all protocols consistent with the
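Review bot: the `@@ -659,783 +659,16 @@` hunk is almost entirely deletion, yet the commit message bundles it with four other changes (the pcap-filter(4) reference, the multiple-arguments wording, a typo fix and the contact-address change). Splitting the wording and contact changes into their own patch would let the 16 replacement lines be reviewed on their own, and would make it easy to check that the examples and the shell-quoting advice stay in tcpdump.1 while only the grammar moves to pcap-filter(4).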
Re: [tcpdump-workers] Patch: Split out pcap-filters from tcpdump
On Sun, Jan 06, 2008 at 04:27:34PM -0800, Guy Harris wrote: > >-Multiple arguments are concatenated with spaces before being parsed. > >+Multiple arguments are concatenated with spaces before being parsed, > >+i.e. there is an implicit \fIand\fP between the arguments. > > I removed that, as it's not accurate - if you do I made a wrong assumption when I wrote it. Thanks for pointing it out. ciao Joerg -- Joerg Mayer <[EMAIL PROTECTED]> We are stuck with technology when what we really want is just stuff that works. Some say that should read Microsoft instead of technology. - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
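Review bot: the added line `+i.e. there is an implicit \fIand\fP between the arguments.` does not follow from the sentence it extends. Joining the arguments with spaces produces one expression string, so `tcpdump host foo` is parsed as the single primitive `host foo`, and nothing is inserted between the two words. Keep only the original `Multiple arguments are concatenated with spaces before being parsed.` sentence.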
Re: [tcpdump-workers] patch: Allow various ethernet address notations
On Mon, Jan 07, 2008 at 03:13:32PM +0100, Arien Vijn wrote:
> Attached is a small patch which makes libpcap filter expressions a bit
> more tolerant towards ethernet (MAC) address notations.

Did you use invisible ink^H^H^Hpixels in the attached patch?

> \3 seems preferred by the IEEE and in many books.

The '-' notation should be used by all media that use the Ethernet bit
order, TR should use ':' - at least if I interpreted the IEEE correctly.
Well, it seems that hardly anyone knows that (or that I'm imagining things
of course :-)

ciao
Joerg
--
Joerg Mayer <[EMAIL PROTECTED]>
[tcpdump-workers] rpcap support?
Is there a reason why libpcap does not have rpcap support? The winpcap
sources contain (a probably outdated) patch against libpcap 1.0.0 to
implement this (wpcap/libpcap/remote_code.patch).

Thanks
Joerg
--
Joerg Mayer
Re: [tcpdump-workers] rpcap support?
On Sat, Jun 18, 2011 at 01:33:06AM +0200, Joerg Mayer wrote:
> Is there a reason why libpcap does not have rpcap support? The winpcap
> sources contain (a probably outdated) patch against libpcap 1.0.0 to
> implement this (wpcap/libpcap/remote_code.patch).

So either there is no reason or the people who have reasons keep them to
themselves.

As a colleague of mine encountered a device that had the server built in and
he had to fire up a windows vm just to be able to capture I thought I'd go
ahead and forward port the patch. Due to its size it's compressed. As it is
just the patch from winpcap, please let me know if there are any things to
change (style) to get it included.

Ciao
Jörg

PS: I don't care about the server, but the protocol seems to have become a
de facto standard
--
Joerg Mayer
Re: [tcpdump-workers] rpcap support?
On Fri, Jun 24, 2011 at 11:44:01PM +0200, Joerg Mayer wrote:
> capture I thought I'd go ahead and forward port the patch. Due to its
> size it's compressed. As it is just the patch from winpcap, please let

The kind ml software or admin first held the mail because it was 3k too
large (43k > 40k) and then dropped the attachment. It can be downloaded (now
in uncompressed form) from:
http://www-agrw.informatik.uni-kl.de/home/jmayer/remote-pcap-client.patch

This adapted patch has (at least) problems with "make releasetar" because it
fails to package the new files.

Ciao
Jörg
--
Joerg Mayer
Re: [tcpdump-workers] rpcap support?
Hello,

I've created a patch that actually manages to build into an rpm on my
opensuse system. Wireshark HEAD also detects rpcap support when building with
cmake. Now all I have to do is wait for the equipment to come back to
do a real test...
The patch can be downloaded from:
http://www-agrw.informatik.uni-kl.de/home/jmayer/rpcap.v2.patch

I'd really like to receive some feedback on this.

ciao
Joerg

On Tue, Jun 28, 2011 at 05:05:33PM +, Gianluca Varenni wrote:
> A comment on this. In the last couple of years I've been actually thinking of
> dumping the rpcap support out of WinPcap. The reason is that such code is
> pretty much unmaintained, I struggle to have the patch compile on Windows
> every time, let linux (and all the other OSes supported by libpcap) aside.
> Having rpcapd support integrated into libpcap would definitely make my life
> much easier, but code maintenance can be an issue.
--
Joerg Mayer
Re: [tcpdump-workers] rpcap support?
On Sun, Jul 10, 2011 at 06:15:11PM +0200, Jakub Zawadzki wrote:
> On Sat, Jul 09, 2011 at 02:36:50PM +0200, Joerg Mayer wrote:
> > I've created a patch that actually manages to build into an rpm on my
> > opensuse system. Wireshark HEAD also detects rpcap support when building with
> > cmake. Now all I have to do is wait for the equipment to come back to
> > do a real test...
> > The patch can be downloaded from:
> > http://www-agrw.informatik.uni-kl.de/home/jmayer/rpcap.v2.patch
> >
> > I'd really like to receive some feedback on this.
>
> This patch is missing all new files like: pcap-remote.[ch],
> sockutils.[ch] or pcap/remote-ext.h

Sorry for that. Looks I don't know how to get new files included into git
diff. Please try:
http://www-agrw.informatik.uni-kl.de/home/jmayer/rpcap-v2.tar

Thanks!
Joerg

PS: I've locally done a "git rm configure" and added configure to
.gitignore, so this should no longer "pollute" the patch.
--
Joerg Mayer
Re: [tcpdump-workers] rpcap support?
I've now created an account on github and cloned mcr's repo over there.
That way it should be easier to talk about the code. It can be found at:
git://github.com/jmayer/libpcap.git

Ciao
Joerg
--
Joerg Mayer
Re: [tcpdump-workers] capturing on both interfaces simultaneously
On Mon, Nov 28, 2011 at 02:35:24PM -0500, abhinav narain wrote:
> I am using libpcap on Openwrt platform, Netgear router wndr3700v2.
> I am able to capture packets on phy0, interface.
> But what should I do to capture packets on phy0,phy1 simultaneously in the
> same program ?
>
> I don't think I can use "any" interface as it might capture packets from
> bridge interface also !

The current *development* tree of Wireshark supports simultaneous capture on
several interfaces and this includes the text version tshark.
AFAIK, tcpdump does not support this - but you may always start tcpdump
multiple times, once for each interface and later merge the capture files.

Ciao
Joerg
--
Joerg Mayer
[tcpdump-workers] Support building libpcap on Unix'ish OS's with remote pcap support
Hello, the attached patch is an attempt to get remote pcap working on macOS (and other Unix'ish operating systems). I then rebuild Wireshark and managed to configure a remote capture session. Unfortunately I don't have an AP or other testdevice available right now. I *may* find a chance and time on Friday to test this with an Extremenetworks AP. What this patch does: - Move remote-ext.h to pcap/remote-ext.h (plus necessary autotools changes): Inside pcap/ is a more consistent place to put it. - Fix a small typo in a comment in remote-ext.h - Add the necessary autotools changes for --enable-rpcap to compile and link. With that said: When I open the rpcap dialog in Wireshark, I get an error message but Wireshark continues without crashing: (process:93925): GLib-CRITICAL **: guint g_hash_table_size(GHashTable *): assertion `hash_table != NULL' failed But that is most likely a Wireshark issue. While I'm at it: Does anyone know of a working rpcap server on Unix? Please consider adding this patch (or maybe something inspired by it :-) If not, please let me know what is missing to get rpcap support on Unix. Thanks Jörg -- Joerg Mayer We are stuck with technology when what we really want is just stuff that works. Some say that should read Microsoft instead of technology. >From 839e665b9f7240ac26a3dcbaebeae8dc0ed8c774 Mon Sep 17 00:00:00 2001 From: Joerg Mayer Date: Fri, 28 Oct 2016 10:12:20 +0200 Subject: [PATCH] Support building with rpcap (--enable-rpcap) Signed-off-by: Joerg Mayer --- Makefile.in | 5 +++-- config.h.in | 3 +++ configure | 19 +++ configure.ac | 11 +++ pcap/pcap.h | 2 +- remote-ext.h => pcap/remote-ext.h | 2 +- 6 files changed, 38 insertions(+), 4 deletions(-) rename remote-ext.h => pcap/remote-ext.h (99%) diff --git a/Makefile.in b/Makefile.in index 7044f04..eba68dd 100644 --- a/Makefile.in +++ b/Makefile.in 
@@ -79,7 +79,8 @@ YACC = @YACC@ @rm -f $@ $(CC) $(FULL_CFLAGS) -c $(srcdir)/$*.c -PSRC = pcap-@V_PCAP@.c @USB_SRC@ @BT_SRC@ @BT_MONITOR_SRC@ @NETFILTER_SRC@ @DBUS_SRC@ +PSRC = pcap-@V_PCAP@.c @USB_SRC@ @BT_SRC@ @BT_MONITOR_SRC@ @NETFILTER_SRC@ \ + @DBUS_SRC@ @RPCAP_SRC@ FSRC = @V_FINDALLDEVS@ SSRC = @SSRC@ CSRC = pcap.c inet.c gencode.c optimize.c nametoaddr.c \ @@ -106,6 +107,7 @@ PUBHDR = \ pcap/namedb.h \ pcap/nflog.h \ pcap/pcap.h \ + pcap/remote-ext.h \ pcap/sll.h \ pcap/vlan.h \ pcap/usb.h @@ -345,7 +347,6 @@ EXTRA_DIST = \ pcap-usb-linux.c \ pcap-usb-linux.h \ pcap-win32.c \ - remote-ext.h \ sockutils.c \ sockutils.h \ scanner.l \ diff --git a/config.h.in b/config.h.in index 7f6115d..b02873e 100644 --- a/config.h.in +++ b/config.h.in @@ -127,6 +127,9 @@ /* define if net/pfvar.h defines PF_NAT through PF_NORDR */ #undef HAVE_PF_NAT_THROUGH_PF_NORDR +/* enable remote capture protocol support */ +#undef HAVE_REMOTE + /* define if you have the Septel API */ #undef HAVE_SEPTEL_API diff --git a/configure b/configure index 7af37bc..4842b6d 100755 --- a/configure +++ b/configure @@ -623,6 +623,7 @@ ac_subst_vars='LTLIBOBJS INSTALL_DATA INSTALL_SCRIPT INSTALL_PROGRAM +RPCAP_SRC PCAP_SUPPORT_PACKET_RING DBUS_SRC PCAP_SUPPORT_DBUS @@ -752,6 +753,7 @@ enable_usb enable_bluetooth enable_dbus enable_packet_ring +enable_rpcap ' ac_precious_vars='build_alias host_alias @@ -1392,6 +1394,7 @@ Optional Features: --enable-dbus enable D-Bus capture support [default=yes, if support available] --enable-packet-ringenable Linux packet ring support [default=yes] + --enable-rpcap enable remote capture protocol support [default=no] Optional Packages: --with-PACKAGE[=ARG]use PACKAGE [ARG=yes] 
@@ -8956,6 +8959,22 @@ $as_echo "#define PCAP_SUPPORT_PACKET_RING 1" >>confdefs.h fi +# Check whether --enable-rpcap was given. +if test "${enable_rpcap+set}" = set; then : + enableval=$enable_rpcap; +else + enable_rpcap=no +fi + + +if test "x$enable_rpcap" != "xno" ; then + +$as_echo "#define HAVE_REMOTE 1" >>confdefs.h + + RPCAP_SRC="pcap-new.c pcap-rpcap.c sockutils.c" + +fi + # Find a good install program. We prefer a C program (faster), # so one script is as good as another. But avoid the broken or # incompatible versions: diff --git a/configure.ac b/configure.ac index a2b31d4..6f5fd5d 100644 --- a/configure.ac +++ b/configure.ac @@ -1817,6 +1817,17 @@ if test "x$enable_packet_ring" != "xno" ; then AC_SUBST(PCAP_SUPPORT_PACKET_RING) fi +dnl Support remote capture +AC_ARG_ENABLE([rpcap], +[AC_HELP_STRING([--enab
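Review bot: the Makefile.in `PUBHDR` hunk adds `pcap/remote-ext.h` unconditionally, while the sources behind it are only compiled when `@RPCAP_SRC@` is non-empty, so a default build (`--enable-rpcap` is `[default=no]`) would ship a public header for functions the library does not contain. Either install the header only when rpcap is enabled or make sure everything in it is guarded, keeping in mind that `HAVE_REMOTE` lives in the private config.h and is not visible to applications that include the installed header.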
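Review bot: in the configure hunk at `@@ -8956,6 +8959,22 @@`, `--enable-rpcap` does nothing beyond defining `HAVE_REMOTE` and setting `RPCAP_SRC="pcap-new.c pcap-rpcap.c sockutils.c"`; there is no probe for anything those files need and no restriction to capture back ends on which the remote code has been exercised. Because this turns on network-facing code on platforms where it has not been built before, the help string should say the option is experimental, and the configure.ac block should refuse or warn on back ends that have not been tested with it.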
Re: [tcpdump-workers] Support building libpcap on Unix'ish OS's with remote pcap support
Hello,

after waiting for the message to time out in moderation, subscribing, waiting
some more, I should have reread the message instead of just bouncing it...

The patch itself is still valid, I just made a bit of progress on the
Wireshark side, so please ignore that part (current status: see next mail).

Ciao
Jörg

On Tue, Feb 14, 2017 at 01:37:51AM +0100, Joerg Mayer wrote:
> the attached patch is an attempt to get remote pcap working on macOS (and other
> Unix'ish operating systems).
...
> With that said: When I open the rpcap dialog in Wireshark, I get an error message
> but Wireshark continues without crashing:
> (process:93925): GLib-CRITICAL **: guint g_hash_table_size(GHashTable *):
> assertion `hash_table != NULL' failed
> But that is most likely a Wireshark issue.
--
Joerg Mayer
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
[tcpdump-workers] rpcap support on non-windows
Hello,

I'm trying to get libpcap working on macOS. With the previously sent patch I am able to build libpcap with rpcap support. dumpcap (from Wireshark) compiles and links fine with the new version and it does a bit of rpcap communication with my rpcap server (an AP) and after that it segfaults. Compiling and linking (both dumpcap and libpcap) with asan gave me the output below (after some rpcap traffic on the network).

Trying to understand the problem it looks like accessing struct pcap_md (the rpcap specific stuff) is broken on non-win32 platforms (or at least on bpf platforms).

The intended memory layout seems to be:

struct pcap_t (containing a pointer to priv if it exists)
priv:
    struct pcap_
    struct pcap_md (if compiling with HAVE_REMOTE)

The current implementation seems to

a) only allocate the memory for pcap_md on win (pcap_create_interface() in pcap-win32.c), thus causing an out of bounds access on other platforms.
b) the access to pcap_md is calculated as priv + sizeof(struct pcap_win) on all platforms which gets redeclared in pcap-new.c and pcap-rpcap.c for just this purpose. This looks wrong to me but I'm not sure.

Anyone willing to look into this?
Thanks
Jörg

jmayer@newegg:~/worktmp/wireshark$ dumpcap -r -i 'rpcap://10.122.4.11/wifi0'
Capturing on 'rpcap://10.122.4.11/wifi0'
=
==45693==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6160b158 at pc 0x00010886d3d5 bp 0x7fff57442bf0 sp 0x7fff57442be8
WRITE of size 4 at 0x6160b158 thread T0
    #0 0x10886d3d4 in pcap_opensource_remote pcap-rpcap.c:833
    #1 0x10886b4db in pcap_open pcap-new.c:934
    #2 0x1087ccad7 in open_capture_device capture-pcap-util.c:1322
    #3 0x1087b87aa in main dumpcap.c:2196
    #4 0x7fffd7e02254 in start (libdyld.dylib+0x5254)

0x6160b158 is located 40 bytes to the left of 528-byte region [0x6160b180,0x6160b390)
allocated by thread T0 here:
    #0 0x108be0157 in wrap_calloc (libclang_rt.asan_osx_dynamic.dylib+0x4b157)
    #1 0x7fffd7512e6b in allocateBuckets(unsigned int) (libobjc.A.dylib+0x8e6b)
    #2 0x7fffd7512dfa in cache_t::reallocate(unsigned int, unsigned int) (libobjc.A.dylib+0x8dfa)
    #3 0x7fffd7512626 in cache_fill (libobjc.A.dylib+0x8626)
    #4 0x7fffd7511c3d in lookUpImpOrForward (libobjc.A.dylib+0x7c3d)
    #5 0x7fffd75115d3 in _objc_msgSend_uncached (libobjc.A.dylib+0x75d3)
    #6 0x7fffc289b94c in CFArraySortValues (CoreFoundation+0x7894c)
    #7 0x7fffc947df9d in _SCNetworkInterfaceCopyAllWithPreferences (SystemConfiguration+0xaf9d)
    #8 0x1087c9c1a in if_info_new capture-pcap-util.c:158
    #9 0x1087caa9e in get_interface_list_findalldevs capture-pcap-util.c:531
    #10 0x1087b2375 in capture_opts_add_iface_opt capture_opts.c:591
    #11 0x1087b0566 in capture_opts_add_opt capture_opts.c:794
    #12 0x1087b6acc in main dumpcap.c:4153
    #13 0x7fffd7e02254 in start (libdyld.dylib+0x5254)

SUMMARY: AddressSanitizer: heap-buffer-overflow pcap-rpcap.c:833 in pcap_opensource_remote
==45693==ABORTING
Abort trap: 6

--
Joerg Mayer
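The layout assumption described in the message above, modelled as an added example (not libpcap's code and not part of the original post). All `demo_*` names, the struct sizes and the `legacy_md_check` helper are constructed stand-ins; the code classifies what `priv + sizeof(<win struct>)` would touch for differently sized platform structs, next to an explicit pointer kept in the handle.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed stand-ins for platform-private structs; NOT libpcap's definitions. */
struct demo_priv_win { int nonblock; int rfmon; char pad[24]; };
struct demo_priv_bpf { int zerocopy; char pad[8]; };  /* smaller than the win struct */
struct demo_priv_big { char pad[64]; };               /* larger than the win struct */
struct demo_md { int rmt; int sockctrl; int sockdata; int capstarted; };

struct demo_handle {
    void  *priv;       /* platform-private data */
    size_t plat_size;  /* size of the platform struct at the start of priv */
    size_t priv_size;  /* total bytes allocated behind priv */
    void  *priv_md;    /* explicit rpcap data, owned by the handle */
};

enum md_access { MD_OK, MD_OUT_OF_BOUNDS, MD_OVERLAPS_PRIV };

static void demo_free(struct demo_handle *h)
{
    if (h == NULL)
        return;
    free(h->priv_md);
    free(h->priv);
    free(h);
}

/* priv holds plat_size bytes, plus a demo_md trailer only when with_trailer is set
 * (the message says only the Windows create routine reserved that trailer). */
static struct demo_handle *demo_create(size_t plat_size, int with_trailer)
{
    struct demo_handle *h = calloc(1, sizeof(*h));

    if (h == NULL)
        return NULL;
    h->plat_size = plat_size;
    h->priv_size = plat_size + (with_trailer ? sizeof(struct demo_md) : 0);
    h->priv = calloc(1, h->priv_size);
    h->priv_md = calloc(1, sizeof(struct demo_md));
    if (h->priv == NULL || h->priv_md == NULL) {
        demo_free(h);
        return NULL;
    }
    return h;
}

/* Classify the legacy computation priv + sizeof(win struct) without dereferencing it. */
static enum md_access legacy_md_check(const struct demo_handle *h)
{
    size_t off = sizeof(struct demo_priv_win);

    if (off > h->priv_size || sizeof(struct demo_md) > h->priv_size - off)
        return MD_OUT_OF_BOUNDS;   /* the access would leave the priv allocation */
    if (off < h->plat_size)
        return MD_OVERLAPS_PRIV;   /* in bounds, but aliases platform fields */
    return MD_OK;
}

/* Explicit-pointer access: independent of any platform struct size. */
static struct demo_md *explicit_md(struct demo_handle *h)
{
    return h->priv_md;
}

/* Returns the legacy classification, or -1 if allocation or the
 * explicit-pointer round trip failed. */
static int run_case(size_t plat_size, int with_trailer)
{
    struct demo_handle *h = demo_create(plat_size, with_trailer);
    int result;

    if (h == NULL)
        return -1;
    result = (int)legacy_md_check(h);
    explicit_md(h)->sockctrl = 42;        /* always inside its own allocation */
    if (explicit_md(h)->sockctrl != 42)
        result = -1;
    demo_free(h);
    return result;
}

int main(void)
{
    static const char *names[] = { "ok", "out of bounds", "overlaps platform data" };
    struct { const char *label; size_t size; int trailer; } cases[] = {
        { "win + trailer",   sizeof(struct demo_priv_win), 1 },
        { "bpf, no trailer", sizeof(struct demo_priv_bpf), 0 },
        { "bpf + trailer",   sizeof(struct demo_priv_bpf), 1 },
        { "big + trailer",   sizeof(struct demo_priv_big), 1 },
    };

    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
        int r = run_case(cases[i].size, cases[i].trailer);
        if (r < 0)
            return 1;
        printf("%-16s legacy offset: %s\n", cases[i].label, names[r]);
    }
    return 0;
}
```

Reserving the trailer on every platform does not rescue the fixed offset: it is only right when the platform struct has exactly the size the offset was computed from.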
Re: [tcpdump-workers] rpcap support on non-windows
Hello,

On Wed, Mar 01, 2017 at 05:50:57AM +0100, Joerg Mayer wrote:
> I'm trying to get libpcap working on macOS.
...
> Trying to understand the problem it looks like accessing struct pcap_md (the
> rpcap specific stuff) is broken on non-win32 platforms (or at least on bpf
> platforms).
>
> The intended memory layout seems to be:
>
> struct pcap_t (containing a pointer to priv if it exists)
> priv:
>     struct pcap_
>     struct pcap_md (if compiling with HAVE_REMOTE)
>
> The current implementation seems to
>
> a) only allocate the memory for pcap_md on win (pcap_create_interface() in
>    pcap-win32.c), thus causing an out of bounds access on other platforms.
> b) the access to pcap_md is calculated as priv + sizeof(struct pcap_win)
>    on all platforms which gets redeclared in pcap-new.c and pcap-rpcap.c
>    for just this purpose. This looks wrong to me but I'm not sure.

OK, I think I managed to fix this one. Please see attached patch. Now it fails (i.e. it no longer crashes!) with:

jmayer@newegg:~/worktmp/libpcap/build(master)$ dumpcap -i rpcap://10.122.4.11/wifi0
Capturing on 'rpcap://10.122.4.11/wifi0'
dumpcap: Invalid capture filter "(null)" for interface 'rpcap://10.122.4.11/wifi0'. That string isn't a valid capture filter (not-yet-activated pcap_t passed to pcap_compile). See the User's Guide for a description of the capture filter syntax.
jmayer@newegg:~/worktmp/libpcap/build(master)$ dumpcap -i rpcap://10.122.4.11/wifi0 -L
Data link types of interface rpcap://10.122.4.11/wifi0 (use option -y to set):
DLT -3 (not supported)

Both of which seem to be libpcap problems (or symptoms of the same problem).

Kind regards
Jörg
--
Joerg Mayer

Fix access to struct pcap_md on non-Windows

Previously it was assumed that pcap_md was at offset pcap_t + pcap_win.
That assumption was only correct on Windows systems.
Signed-off-by: Joerg Mayer --- pcap-int.h | 3 +++ pcap-new.c | 4 ++-- pcap-rpcap.c | 20 +--- pcap.c | 18 +++--- 4 files changed, 29 insertions(+), 16 deletions(-) diff --git a/pcap-int.h b/pcap-int.h index 5c8c129..e74eec8 100644 --- a/pcap-int.h +++ b/pcap-int.h @@ -178,6 +178,9 @@ struct pcap { int break_loop; /* flag set to force break from packet-reading loop */ void *priv; /* private data for methods */ +#ifdef HAVE_REMOTE + void *priv_md; /* private data for rpcap */ +#endif int swapped; FILE *rfile;/* null if live capture, non-null if savefile */ diff --git a/pcap-new.c b/pcap-new.c index 494e425..816f51d 100644 --- a/pcap-new.c +++ b/pcap-new.c @@ -940,7 +940,7 @@ pcap_t *pcap_open(const char *source, int snaplen, int flags, int read_timeout, } struct pcap_md *md; /* structure used when doing a remote live capture */ - md = (struct pcap_md *) ((u_char*)fp->priv + sizeof(struct pcap_win)); + md = (struct pcap_md *)fp->priv_md; fp->snapshot = snaplen; fp->opt.timeout = read_timeout; @@ -994,7 +994,7 @@ struct pcap_samp *pcap_setsampling(pcap_t *p) { struct pcap_md *md; /* structure used when doing a remote live capture */ - md = (struct pcap_md *) ((u_char*)p->priv + sizeof(struct pcap_win)); + md = (struct pcap_md *)p->priv_md; return &(md->rmt_samp); } diff --git a/pcap-rpcap.c b/pcap-rpcap.c index f5f3fa5..51c07ae 100644 --- a/pcap-rpcap.c +++ b/pcap-rpcap.c @@ -216,7 +216,7 @@ static int pcap_read_nocb_remote(pcap_t *p, struct pcap_pkthdr **pkt_header, u_c struct timeval tv; /* maximum time the select() can block waiting for data */ struct pcap_md *md; /* structure used when doing a remote live capture */ - md = (struct pcap_md *) ((u_char*)p->priv + sizeof(struct pcap_win)); + md = (struct pcap_md *)p->priv_md; /* * Define the packet buffer timeout, to be used in the select() 
@@ -423,7 +423,7 @@ static void pcap_cleanup_remote(pcap_t *fp) int active = 0; /* active mode or not? */ struct pcap_md *md; /* structure used when doing a remote live capture */ - md = (struct pcap_md *) ((u_char*)fp->priv + sizeof(struct pcap_win)); + md = (struct pcap_md *)fp->priv_md; /* detect if we're in active mode */ temp = activeHosts; @@ -559,7 +559,7 @@ static struct pcap_stat *rpcap_stats_remote(pcap_t *p, struct pcap_stat *ps, int int retv
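Review bot: none of the converted call sites check the new pointer before using it; pcap_setsampling() in pcap-new.c, for example, still returns &(md->rmt_samp) computed directly from p->priv_md, which is a NULL-based address for any handle whose priv_md was never set. pcap.c is listed in the diffstat but not shown in these hunks, so a comment on the priv_md field in pcap-int.h saying who allocates and frees it, plus a NULL check in the public entry points, would make the new contract reviewable. The (struct pcap_md *) casts on a void * are not needed in C.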
[tcpdump-workers] [PATCH] 0001-Bunch-of-build-system-fixes.patch
>From aee291b3e5f66c5ca780d89535fa16909a3937ae Mon Sep 17 00:00:00 2001 From: Joerg Mayer Date: Sat, 11 Mar 2017 12:11:53 +0100 Subject: [PATCH] Bunch of build system fixes Add install target for rpcapd (todo: write manpage) Fix out of tree builds for rpcapd (wouldn't find includes in ..) File file permissions of rpcapd source Fix compiles when HAVE_REMOTE is set (this is a hack: the include file should be moved into the pcap/ directory. Signed-off-by: Joerg Mayer --- Makefile.in | 4 rpcap/Makefile.in | 11 +-- rpcap/daemon.c| 0 rpcap/daemon.h| 0 rpcap/fileconf.c | 0 rpcap/fileconf.h | 0 rpcap/rpcapd.c| 0 rpcap/rpcapd.h| 0 rpcap/utils.c | 0 rpcap/utils.h | 0 rpcap/win32-svc.c | 0 11 files changed, 13 insertions(+), 2 deletions(-) mode change 100755 => 100644 rpcap/daemon.c mode change 100755 => 100644 rpcap/daemon.h mode change 100755 => 100644 rpcap/fileconf.c mode change 100755 => 100644 rpcap/fileconf.h mode change 100755 => 100644 rpcap/rpcapd.c mode change 100755 => 100644 rpcap/rpcapd.h mode change 100755 => 100644 rpcap/utils.c mode change 100755 => 100644 rpcap/utils.h mode change 100755 => 100644 rpcap/win32-svc.c diff --git a/Makefile.in b/Makefile.in index 8f2a12c..0bc7dcd 100644 --- a/Makefile.in +++ b/Makefile.in @@ -27,6 +27,8 @@ exec_prefix = @exec_prefix@ datarootdir = @datarootdir@ # Pathname of directory to install the configure program bindir = @bindir@ +# Pathname of directory to install the rpcapd daemon +sbindir = @sbindir@ # Pathname of directory to install the include files includedir = @includedir@ # Pathname of directory to install the library @@ -98,6 +100,7 @@ PUBHDR = \ pcap.h \ pcap-bpf.h \ pcap-namedb.h \ + remote-ext.h \ pcap/bpf.h \ pcap/bluetooth.h \ pcap/can_socketcan.h \ 
@@ -633,6 +636,7 @@ install: install-shared install-archive pcap-config for i in $(MANMISC); do \ $(INSTALL_DATA) `echo $$i | sed 's/.manmisc.in/.manmisc/'` \ $(DESTDIR)$(mandir)/man@MAN_MISC_INFO@/`echo $$i | sed 's/.manmisc.in/.@MAN_MISC_INFO@/'`; done + cd rpcap; $(MAKE) DESTDIR=$(DESTDIR) install install-shared: install-shared-$(DYEXT) install-shared-so: libpcap.so diff --git a/rpcap/Makefile.in b/rpcap/Makefile.in index 800cbb8..e1bf550 100644 --- a/rpcap/Makefile.in +++ b/rpcap/Makefile.in @@ -27,6 +27,8 @@ exec_prefix = @exec_prefix@ datarootdir = @datarootdir@ # Pathname of directory to install the configure program bindir = @bindir@ +# Pathname of directory to install the rpcapd daemon +sbindir = @sbindir@ # Pathname of directory to install the include files includedir = @includedir@ # Pathname of directory to install the library @@ -48,7 +50,7 @@ AR = @AR@ LN_S = @LN_S@ MKDEP = @MKDEP@ CCOPT = @V_CCOPT@ -INCLS = -I. -I.. @V_INCLS@ +INCLS = -I. -I.. -I@srcdir@ -I@srcdir@/.. @V_INCLS@ DEFS = -DBUILDING_PCAP @DEFS@ @V_DEFS@ ADDLOBJS = @ADDLOBJS@ ADDLARCHIVEOBJS = @ADDLARCHIVEOBJS@ @@ -99,7 +101,7 @@ EXTRA_DIST = \ Makefile-devel-adds rpcapd: $(OBJ) ../libpcap.a - $(CC) -o $@ $(OBJ) ../libpcap.a + $(CC) $(LDFLAGS) -o $@ $(OBJ) ../libpcap.a clean: rm -f $(CLEANFILES) @@ -109,6 +111,11 @@ distclean: clean stamp-h stamp-h.in rm -rf autom4te.cache +install: rpcapd + [ -d $(DESTDIR)$(sbindir) ] || \ + (mkdir -p $(DESTDIR)$(sbindir); chmod 755 $(DESTDIR)$(sbindir)) + $(INSTALL_PROGRAM) rpcapd $(DESTDIR)$(sbindir)/rpcapd + tags: $(TAGFILES) ctags -wtd $(TAGFILES) diff --git a/rpcap/daemon.c b/rpcap/daemon.c old mode 100755 new mode 100644 diff --git a/rpcap/daemon.h b/rpcap/daemon.h old mode 100755 new mode 100644 diff --git a/rpcap/fileconf.c b/rpcap/fileconf.c old mode 100755 new mode 100644 diff --git a/rpcap/fileconf.h b/rpcap/fileconf.h old mode 100755 new mode 100644 diff --git a/rpcap/rpcapd.c b/rpcap/rpcapd.c old mode 100755 new mode 100644 
diff --git a/rpcap/rpcapd.h b/rpcap/rpcapd.h old mode 100755 new mode 100644 diff --git a/rpcap/utils.c b/rpcap/utils.c old mode 100755 new mode 100644 diff --git a/rpcap/utils.h b/rpcap/utils.h old mode 100755 new mode 100644 diff --git a/rpcap/win32-svc.c b/rpcap/win32-svc.c old mode 100755 new mode 100644 -- 2.10.1 (Apple Git-78) -- Joerg Mayer
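Review bot: in the top-level install rule, "cd rpcap; $(MAKE) DESTDIR=$(DESTDIR) install" joins the two commands with ";", so if the cd fails make re-enters the install target in the top-level directory; use "cd rpcap && $(MAKE) DESTDIR=$(DESTDIR) install". The line is also unconditional, so every "make install" builds and installs rpcapd whether or not it was wanted, and the remote-ext.h entry in PUBHDR, which the commit message itself calls a hack, should carry a TODO next to it.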
[tcpdump-workers] Plans for libpcap?
Hello,

with the ongoing work on getting rpcap client and server code working in libpcap, what is missing for libpcap to continue as the "official" successor of Winpcap? Are there ideas or plans to do something like that?

Ciao
Jörg
--
Joerg Mayer
[tcpdump-workers] Plans for libpcap?
On Tue, Mar 14, 2017 at 07:17:52PM -0400, Michael Richardson wrote:
> Joerg Mayer wrote:
> > with the ongoing work on getting rpcap client and server code working in libpcap,
> > what is missing for libpcap to continue as the "official" successor of Winpcap?
> > Are there ideas or plans to do something like that?
>
> It seems like a good thing; but I can't commit to building code or fielding bug reports.
> So I think it depends upon having enough volunteers to do that kind of thing.
> Are you able to help?

Not very much, as I am mostly a Linux (and recently macOS) user. I "care" about Winpcap for two reasons:

1) It's the only code base that can do rpcap and I use APs that run an rpcapd. This reason is soon going away.
2) Winpcap is an essential part of Wireshark's success on Windows and it looks like it's not getting the amount of maintenance it could be getting. For a while it looked like npcap might fill that gap with e.g. native wireless capture, but with the recent license update that hope turned out to have been too optimistic.

From an open source developer's perspective, I found it wasteful that Winpcap was a fork of libpcap that was never merged back to its foundation (and now seems to run out of active development resources).

Ciao
Jörg
--
Joerg Mayer
[tcpdump-workers] Some open issues with Linux build
Hello,

this is not a real patch for now but more of a documentation of open issues. I needed to make the changes below to compile and link rpcapd on openSUSE 13.2.

Ciao
Jörg

diff --git a/rpcapd/Makefile.in b/rpcapd/Makefile.in index 5738912..86f66c5 100644 --- a/rpcapd/Makefile.in +++ b/rpcapd/Makefile.in @@ -54,7 +54,7 @@ INCLS = -I. -I.. -I@srcdir@ -I@srcdir@/.. @V_INCLS@ DEFS = -DBUILDING_PCAP @DEFS@ @V_DEFS@ ADDLOBJS = @ADDLOBJS@ ADDLARCHIVEOBJS = @ADDLARCHIVEOBJS@ -LIBS = @LIBS@ +LIBS = @LIBS@ -lcrypt -lpthread CROSSFLAGS= CFLAGS = @CFLAGS@ ${CROSSFLAGS} LDFLAGS = @LDFLAGS@ ${CROSSFLAGS} diff --git a/rpcapd/daemon.c b/rpcapd/daemon.c index 3b2ab01..d83516b 100755 --- a/rpcapd/daemon.c +++ b/rpcapd/daemon.c @@ -51,6 +51,7 @@ #endif #ifdef linux +#include #include // for password management #endif
--
Joerg Mayer
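Review bot: "-lcrypt -lpthread" are appended to LIBS directly in rpcapd/Makefile.in, which hard-wires both libraries for every platform that uses this Makefile, including ones that have no separate libcrypt; a configure-time check that adds them to @LIBS@ only where they are needed would keep the existing "LIBS = @LIBS@" line as it is. The added #include in daemon.c sits under "#ifdef linux", and the same applies there: a configure test for the header is more robust than the platform macro.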
[tcpdump-workers] [PATCH] Make git_version_c.sh look more like gen_version_header.sh
>From 8f2edd03024ef226b7b579c2331f519c912d7f61 Mon Sep 17 00:00:00 2001 From: Joerg Mayer Date: Mon, 20 Mar 2017 21:06:34 +0100 Subject: [PATCH] Make git_version_c.sh look more like gen_version_header.sh --- gen_version_c.sh | 25 ++--- 1 file changed, 18 insertions(+), 7 deletions(-) diff --git a/gen_version_c.sh b/gen_version_c.sh index d5a5e75..ae4ef9c 100755 --- a/gen_version_c.sh +++ b/gen_version_c.sh @@ -1,11 +1,22 @@ #! /bin/sh +print_version_string() +{ + if grep GIT "$1" >/dev/null + then + read ver <"$1" + echo $ver | tr -d '\012' + date +_%Y_%m_%d + else + cat "$1" + fi +} +if test $# != 2 +then + echo "Usage: gen_version_c.sh " 1>&2 + exit 1 +fi +version_string=`print_version_string "$1"` echo '#include ' > "$2" echo 'PCAP_API_DEF' >> "$2" -if grep GIT "$1" >/dev/null; then - read ver <"$1" - echo $ver | tr -d '\012' - date +_%Y_%m_%d -else - cat "$1" -fi | sed -e 's/.*/char pcap_version[] = "&";/' >> "$2" +echo "$version_string" | sed -e 's/.*/char pcap_version[] = "&";/' >> "$2" -- 2.10.1 (Apple Git-78) -- Joerg Mayer
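Review bot: in print_version_string, "echo $ver" expands the version string unquoted, so runs of whitespace and any glob characters in the version file are altered before the text reaches sed; printf '%s' "$ver" keeps the string intact and makes the tr -d '\012' step unnecessary. The subject line names git_version_c.sh while the diff changes gen_version_c.sh, and unlike the other patches in this series the message carries no Signed-off-by line.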
[tcpdump-workers] 4 small patches to libpcap
Hello,

attached are four tiny patches to current git head of libpcap:

0001-Fix-warning-from-Wshadow.patch
0002-Fix-warnnigs-from-Wdocumentation.patch
0003-Allow-.devel-file-to-be-in-the-build-directory-in-ad.patch
0004-Add-Wdocumentation-to-development-warnings.patch

Patch 4 is kind of "unclean" as it still generates warnings in the generated file scanner.c on my system (current macos with current xcode). Please apply at least patches 1-3 (or some variation thereof).

Thanks
Jörg
--
Joerg Mayer
>From 36cde69317b699d7247eca6558bcc2c6abd23e50 Mon Sep 17 00:00:00 2001 From: Joerg Mayer Date: Mon, 26 Mar 2018 13:21:59 +0200 Subject: [PATCH 1/4] Fix warning from -Wshadow Signed-off-by: Joerg Mayer --- rpcapd/rpcapd.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/rpcapd/rpcapd.c b/rpcapd/rpcapd.c index d3594081..53554250 100755 --- a/rpcapd/rpcapd.c +++ b/rpcapd/rpcapd.c @@ -564,13 +564,13 @@ main_passive(void *ptr) SOCKET sockctrl;// keeps the socket ID for this control connection struct sockaddr_storage from; // generic sockaddr_storage variable socklen_t fromlen; // keeps the length of the sockaddr_storage variable - SOCKET sockmain; + SOCKET sockmaincopy; #ifndef _WIN32 pid_t pid; #endif - sockmain = *((SOCKET *) ptr); + sockmaincopy = *((SOCKET *) ptr); // Delete the pointer (which has been allocated in the main) free(ptr); @@ -589,7 +589,7 @@ main_passive(void *ptr) // Connection creation fromlen = sizeof(struct sockaddr_storage); - sockctrl = accept(sockmain, (struct sockaddr *) &from, &fromlen); + sockctrl = accept(sockmaincopy, (struct sockaddr *) &from, &fromlen); if (sockctrl == INVALID_SOCKET) { 
@@ -665,7 +665,7 @@ main_passive(void *ptr) pars->nullAuthAllowed = nullAuthAllowed; // Close the main socket (must be open only in the parent) - closesocket(sockmain); + closesocket(sockmaincopy); daemon_serviceloop((void *) pars); exit(0); -- 2.14.3 (Apple Git-98) >From 6696a7635a1cd803d485e2a95766b58bc6314461 Mon Sep 17 00:00:00 2001 From: Joerg Mayer Date: Mon, 26 Mar 2018 13:22:35 +0200 Subject: [PATCH 2/4] Fix warnnigs from -Wdocumentation Signed-off-by: Joerg Mayer --- rpcapd/daemon.c | 6 ++ 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/rpcapd/daemon.c b/rpcapd/daemon.c index fe8d75dd..e2d89d96 100755 --- a/rpcapd/daemon.c +++ b/rpcapd/daemon.c @@ -2361,14 +2361,12 @@ error: that can be used to be sent on the network. Basically, it applies all the hton() conversion required to the input variable. - \param sockaddrin: a 'sockaddr_storage' pointer to the variable that has to be + \param sockaddrin a 'sockaddr_storage' pointer to the variable that has to be serialized. This variable can be both a 'sockaddr_in' and 'sockaddr_in6'. - \param sockaddrout: an 'rpcap_sockaddr' pointer to the variable that will contain + \param sockaddrout an 'rpcap_sockaddr' pointer to the variable that will contain the serialized data. This variable has to be allocated by the user. - \return None - \warning This function supports only AF_INET and AF_INET6 address families. */ static void -- 2.14.3 (Apple Git-98) >From 880fc2d6016c6bf9041e6480f899e1cc4cf6e019 Mon Sep 17 00:00:00 2001 From: Joerg Mayer Date: Mon, 26 Mar 2018 13:23:51 +0200 Subject: [PATCH 3/4] Allow .devel file to be in the build directory in addition to the source tree. Signed-off-by: Joerg Mayer --- CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index de985e09..fa429cba 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt 
@@ -1555,7 +1555,7 @@ macro(check_and_add_compiler_option _option) endmacro() set(C_ADDITIONAL_FLAGS "") -if(EXISTS ${CMAKE_SOURCE_DIR}/.devel) +if(EXISTS ${CMAKE_SOURCE_DIR}/.devel OR EXISTS ${CMAKE_BINARY_DIR}/.devel) # # Warning options. # -- 2.14.3 (Apple Git-98) >From 4c95dad018faea2b7184f72d3e48c0610b88c451 Mon Sep 17 00:00:00 2001 From: Joerg Mayer Date: Mon, 26 Mar 2018 13:25:27 +0200 Subject: [PATCH 4/4] Add -Wdocumentation to development warnings Signed-off-by: Joerg Mayer --- CMakeLists.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/CMakeLists.txt b/CMakeLists.txt index fa429cba..c69674f7 100644 --- a/CMakeLists.tx
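Review bot: patch 3/4 extends the .devel test at CMakeLists.txt:1558 to ${CMAKE_BINARY_DIR}, but its diffstat lists only CMakeLists.txt, so a configure-based build keeps whatever .devel lookup it already has; either say in the commit message that this is CMake-only or give the autoconf side the same treatment, so both build systems agree on where .devel may live.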
Re: [tcpdump-workers] 4 small patches to libpcap
On Mon, Mar 26, 2018 at 11:09:03AM -0700, Guy Harris wrote:
> > 0004-Add-Wdocumentation-to-development-warnings.patch
> >
> > Patch 4 is kind of "unclean" as it still generates warnings in the generated file
> > scanner.c on my system (current macos with current xcode).
>
> Is that due to problems with what's in scanner.l or due to problems in the
> code that Flex generates?
>
> If it's the latter, add "diagnostic ignored "-Wdiagnostic"" items to
> DIAG_OFF_FLEX for the compilers that support it.

There is no doxygen code in scanner.l. I followed your advice above and the attached patch fixes the problem.

Thanks!
Jörg
--
Joerg Mayer
>From 8551f6f318fae4e305de1c119b9600f065fa8def Mon Sep 17 00:00:00 2001 From: Joerg Mayer Date: Tue, 27 Mar 2018 12:46:29 +0200 Subject: [PATCH 3/3] Turn off -Wdocumentation warning for generated files generated by flex 2.5.35 Apple(flex-31) Signed-off-by: Joerg Mayer --- diag-control.h | 1 + 1 file changed, 1 insertion(+) diff --git a/diag-control.h b/diag-control.h index 8ab89526..2b51269f 100644 --- a/diag-control.h +++ b/diag-control.h @@ -70,6 +70,7 @@ #define DIAG_OFF_FLEX \ PCAP_DO_PRAGMA(clang diagnostic push) \ PCAP_DO_PRAGMA(clang diagnostic ignored "-Wsign-compare") + PCAP_DO_PRAGMA(clang diagnostic ignored "-Wdocumentation") #define DIAG_ON_FLEX \ PCAP_DO_PRAGMA(clang diagnostic pop) #elif PCAP_IS_AT_LEAST_GNUC_VERSION(4,6) -- 2.14.3 (Apple Git-98)
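Review bot: in the diag-control.h hunk the unchanged line PCAP_DO_PRAGMA(clang diagnostic ignored "-Wsign-compare") has no trailing backslash, so the added "-Wdocumentation" pragma line lands outside the DIAG_OFF_FLEX macro body instead of extending it. The patch has to modify that context line to end in " \" as well; the other continuation lines of the macro already do.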
Re: [tcpdump-workers] 4 small patches to libpcap
On Tue, Mar 27, 2018 at 12:54:48PM +0200, Joerg Mayer wrote:
> There is no doxygen code in scanner.l. I followed your advice above and the
> attached patch fixes the problem.

I should have added that I currently don't have GCC to test but that it most likely needs to be added to the GCC path as well.

Kind regards
Jörg
--
Joerg Mayer
Re: [tcpdump-workers] 4 small patches to libpcap
On Tue, Mar 27, 2018 at 08:00:56PM -0700, Guy Harris wrote:
> Checked in, with a missing \ added. and with the comment updated.
> I'm not seeing it with flex 2.6.0, which I have installed in /usr/local/bin, so maybe some later Flex version fixes the problem.

Thanks!

Can you please apply 0004-Add-Wdocumentation-to-development-warnings.patch from the original mail as well, now that the warnings are taken care of?

Kind regards
Jörg
--
Joerg Mayer
[tcpdump-workers] Four more warning fix patches
These patches turn on some more warnings (or not) and fix all warnings that come up.

Notes:
- 0001 is not sent (it's the previously sent -Wshadow fix)
- 0005 Fixes most of the trivial cases of -Wunused-parameter warnings. It does not enable the warning.

Please apply in case they make sense.

Kind regards
Jörg
--
Joerg Mayer
>From a7d8a6af79cc8f4fad3851250e8cff70aea7ee06 Mon Sep 17 00:00:00 2001 From: Joerg Mayer Date: Wed, 28 Mar 2018 09:57:32 +0200 Subject: [PATCH 2/5] Add -Wcomma and fix the single place it complains about Signed-off-by: Joerg Mayer --- CMakeLists.txt | 1 + gencode.c | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 05ecb4d5..ba2244ec 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1670,6 +1670,7 @@ if(EXISTS ${CMAKE_SOURCE_DIR}/.devel OR EXISTS ${CMAKE_BINARY_DIR}/.devel) check_and_add_compiler_option(-Wdeclaration-after-statement) check_and_add_compiler_option(-Wused-but-marked-unused) check_and_add_compiler_option(-Wdocumentation) +check_and_add_compiler_option(-Wcomma) endif() endif() diff --git a/gencode.c b/gencode.c index 5d0f95a2..5846c4f9 100644 --- a/gencode.c +++ b/gencode.c @@ -574,7 +574,8 @@ newchunk(compiler_state_t *cstate, size_t n) cp = &cstate->chunks[cstate->cur_chunk]; if (n > cp->n_left) { - ++cp, k = ++cstate->cur_chunk; + ++cp; + k = ++cstate->cur_chunk; if (k >= NCHUNKS) bpf_error(cstate, "out of memory"); size = CHUNK0SIZE << k; -- 2.14.3 (Apple Git-98) >From 9886843362fb8b1685256f76ff1adba9606162f6 Mon Sep 17 00:00:00 2001 
From: Joerg Mayer Date: Wed, 28 Mar 2018 11:24:05 +0200 Subject: [PATCH 3/5] Add -Wmissing-noreturn to compiler warnings and fix all fixable warnings. Also suppress the one non-fixable warning: build/scanner.c:5020:1: warning: function 'yy_fatal_error' could be declared with attribute 'noreturn' [-Wmissing-noreturn] Signed-off-by: Joerg Mayer --- CMakeLists.txt | 1 + diag-control.h | 3 ++- gencode.c | 6 +++--- gencode.h | 2 +- grammar.y | 2 +- rpcapd/rpcapd.c | 2 +- 6 files changed, 9 insertions(+), 7 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index ba2244ec..16211ac4 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1671,6 +1671,7 @@ if(EXISTS ${CMAKE_SOURCE_DIR}/.devel OR EXISTS ${CMAKE_BINARY_DIR}/.devel) check_and_add_compiler_option(-Wused-but-marked-unused) check_and_add_compiler_option(-Wdocumentation) check_and_add_compiler_option(-Wcomma) +check_and_add_compiler_option(-Wmissing-noreturn) endif() endif() diff --git a/diag-control.h b/diag-control.h index 6c2d4f45..751faa08 100644 --- a/diag-control.h +++ b/diag-control.h @@ -75,7 +75,8 @@ #define DIAG_OFF_FLEX \ PCAP_DO_PRAGMA(clang diagnostic push) \ PCAP_DO_PRAGMA(clang diagnostic ignored "-Wsign-compare") \ - PCAP_DO_PRAGMA(clang diagnostic ignored "-Wdocumentation") + PCAP_DO_PRAGMA(clang diagnostic ignored "-Wdocumentation") \ + PCAP_DO_PRAGMA(clang diagnostic ignored "-Wmissing-noreturn") #define DIAG_ON_FLEX \ PCAP_DO_PRAGMA(clang diagnostic pop) #elif PCAP_IS_AT_LEAST_GNUC_VERSION(4,6) diff --git a/gencode.c b/gencode.c index 5846c4f9..642c068a 100644 --- a/gencode.c +++ b/gencode.c @@ -417,7 +417,7 @@ struct _compiler_state { int cur_chunk; }; -void +void PCAP_NORETURN bpf_syntax_error(compiler_state_t *cstate, const char *msg) { bpf_error(cstate, "syntax error in filter expression: %s", msg); 
@@ -425,7 +425,7 @@ bpf_syntax_error(compiler_state_t *cstate, const char *msg) } /* VARARGS */ -void +void PCAP_NORETURN bpf_error(compiler_state_t *cstate, const char *fmt, ...) { va_list ap; @@ -646,7 +646,7 @@ gen_retblk(compiler_state_t *cstate, int v) return b; } -static inline void +static inline PCAP_NORETURN void syntax(compiler_state_t *cstate) { bpf_error(cstate, "syntax error in filter expression"); diff --git a/gencode.h b/gencode.h index 58828ecd..f1bad215 100644 --- a/gencode.h +++ b/gencode.h @@ -369,7 +369,7 @@ struct icode { }; void bpf_optimize(compiler_state_t *, struct icode *ic); -void bpf_syntax_error(compiler_state_t *, const char *); +void PCAP_NORETURN bpf_syntax_error(compiler_state_t *, const char *); void PCAP_NORETURN bpf_error(compiler_state_t *, const char *, ...) PCAP_PRINTFLIKE(2, 3); diff --git a/grammar.y b/grammar.y index 5aa6f38b..8af53e8a 100644 --- a/grammar.y +++ b/grammar.y @@
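Review bot: patches 2/5 and 3/5 add -Wcomma and -Wmissing-noreturn through check_and_add_compiler_option() in CMakeLists.txt only; neither diffstat includes aclocal.m4, so a .devel build done with configure does not get the new warnings. In 3/5 the attribute placement is also inconsistent: "void PCAP_NORETURN bpf_syntax_error(...)" in gencode.c and gencode.h versus "static inline PCAP_NORETURN void syntax(...)"; use the order gencode.h already has for bpf_error.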
[tcpdump-workers] RFC Almost trivial unused-parameter patch (and lots of questions)
Hello,

attached a patch with the almost trivial fixes for -Wunused-parameter warnings. The reason I'm sending this as a mail is, that while the patches look trivial I'm not sure that they are always the correct approach:

- Why was envp[] part of the main() declaration?
- Is adding varattrs.h to rpcapd/rpcapd.c the correct approach to add _U_?
- IMO with these silenced, we can add the warning to devel.

The remaining warnings need someone with better understanding of the code to fix:

- rpcapd/daemon.c:1538:183: warning: unused parameter 'samp_param'
  could be silenced by removing it, or by removing the #if 0 around "// Apply sampling parameters"
- bpf/net/bpf_filter.c:214:61: warning: unused parameter 'aux_data'
  led to the following questions:
  + Is it correct to assume that neither KERNEL nor _KERNEL will be defined anymore?
  + Is it correct to assume that SKF_AD_VLAN_TAG will be defined if SKF_AD_VLAN_TAG_PRESENT is defined?
  + Is it correct that the sequence "ANCILLARY(VLAN_TAG);ANCILLARY(VLAN_TAG_PRESENT);" doesn't make too much sense, once the "break;" at the end of the macro is expanded?
  + ==> This file looks like it is containing a bit of no longer needed code.
- pcap-rpcap.c:837:81: warning: unused parameter 'mode'
  also led to some questions:
  + Why is pcap_stats_ex_rpcap() limited to win32?
  + Does it make sense to have REMOTE as a compile time flag? In case it does:
  + Does it make sense to check for REMOTE in pcap-rpcap.c?

Kind regards
Jörg
--
Joerg Mayer
>From 40b9c76ea2abc2a6319d8562b38fc39345e3226e Mon Sep 17 00:00:00 2001 From: Joerg Mayer Date: Sat, 31 Mar 2018 13:38:01 +0200 Subject: [PATCH] Fix -Wunused-paramter warnings that are almost trivial and enable the warning 
Signed-off-by: Joerg Mayer --- CMakeLists.txt | 1 + aclocal.m4 | 1 + diag-control.h | 3 ++- rpcapd/rpcapd.c | 11 ++- 4 files changed, 10 insertions(+), 6 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 23f7036f..955b1685 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1674,6 +1674,7 @@ if(EXISTS ${CMAKE_SOURCE_DIR}/.devel OR EXISTS ${CMAKE_BINARY_DIR}/.devel) check_and_add_compiler_option(-Wmissing-noreturn) # Warns about safeguards added in case the enums are extended # check_and_add_compiler_option(-Wcovered-switch-default) + check_and_add_compiler_option(-Wunused-parameter) endif() endif() diff --git a/aclocal.m4 b/aclocal.m4 index a2ee7bb7..23d16221 100644 --- a/aclocal.m4 +++ b/aclocal.m4 @@ -853,6 +853,7 @@ AC_DEFUN(AC_LBL_DEVEL, # Warns about safeguards added in case the enums are # extended # AC_LBL_CHECK_COMPILER_OPT($1, -Wcovered-switch-default) + AC_LBL_CHECK_COMPILER_OPT($1, -Wunused-parameter) fi AC_LBL_CHECK_DEPENDENCY_GENERATION_OPT() # diff --git a/diag-control.h b/diag-control.h index 751faa08..ad5495ce 100644 --- a/diag-control.h +++ b/diag-control.h @@ -76,7 +76,8 @@ PCAP_DO_PRAGMA(clang diagnostic push) \ PCAP_DO_PRAGMA(clang diagnostic ignored "-Wsign-compare") \ PCAP_DO_PRAGMA(clang diagnostic ignored "-Wdocumentation") \ - PCAP_DO_PRAGMA(clang diagnostic ignored "-Wmissing-noreturn") + PCAP_DO_PRAGMA(clang diagnostic ignored "-Wmissing-noreturn") \ + PCAP_DO_PRAGMA(clang diagnostic ignored "-Wunused-parameter") #define DIAG_ON_FLEX \ PCAP_DO_PRAGMA(clang diagnostic pop) #elif PCAP_IS_AT_LEAST_GNUC_VERSION(4,6) diff --git a/rpcapd/rpcapd.c b/rpcapd/rpcapd.c index a57df161..b1674b11 100755 --- a/rpcapd/rpcapd.c +++ b/rpcapd/rpcapd.c @@ -44,6 +44,7 @@ #include "fmtutils.h" #include "sockutils.h" // for socket calls +#include "varattrs.h" // for _U_ #include "portability.h" #include "rpcapd.h" #include "fileconf.h" // for the configuration file management 
@@ -146,7 +147,7 @@ static void printusage(void) //! Program main -int main(int argc, char *argv[], char *envp[]) +int main(int argc, char *argv[]) { char savefile[MAX_LINE + 1];// name of the file on which we have to save the configuration int isdaemon = 0; // Not null if the user wants to run this program as a daemon @@ -560,7 +561,7 @@ static BOOL WINAPI main_ctrl_event(DWORD ctrltype) return TRUE; } #else -static void main_terminate(int sign) +static void main_terminate(int sign _U_) { // // Note that the server should shut down. @@ -570,7 +571,7 @@ static void main_terminate(int s
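Review bot: The CMakeLists.txt hunk (mirrored by the aclocal.m4 hunk) turns on -Wunused-parameter for .devel builds in the same commit that fixes only part of the warnings. The cover mail still lists rpcapd/daemon.c, bpf/net/bpf_filter.c and pcap-rpcap.c as unresolved, so developer builds will emit those three warnings from this commit on. Consider moving the "check_and_add_compiler_option(-Wunused-parameter)" and "AC_LBL_CHECK_COMPILER_OPT($1, -Wunused-parameter)" lines into a follow-up commit that lands once the remaining cases are settled, or state in the commit message that the leftover warnings are known.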
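Review bot: In the diag-control.h hunk the new ignore for "-Wunused-parameter" is added only to the clang pragma list; the "#elif PCAP_IS_AT_LEAST_GNUC_VERSION(4,6)" branch that follows is untouched, and the diffstat shows no other change to this file. If the flex-generated code also triggers the warning under GCC, that branch needs a matching ignore; if it does not, a short comment saying why only clang needs it would help the next reader.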
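Review bot: The main() hunk in rpcapd/rpcapd.c removes the envp parameter, while the next hunk keeps the parameter of main_terminate() and marks it _U_, and the commit message does not say why the two cases are handled differently. A three-argument main() is a common extension rather than one of the forms the C standard defines, so dropping envp looks right, but that reasoning belongs in the commit message, since the cover mail itself asks why envp was there.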
Re: [tcpdump-workers] proposed change: make tcpdump -n and tcpdump -nn behave differently
Hello,

On Tue, Oct 30, 2018 at 09:48:13AM +, Denis Ovsienko wrote:
> At https://github.com/the-tcpdump-group/tcpdump/pull/702 there is a simple
> proposed change, which seems to be an improvement:
> -
> Subject: Introduce -nn option
>
> This changes the semantics on -n option so only name lookups are skipped. Port
> numbers *are* translated to their string representations. Option -nn then has
> the same semantics as -n had originally.
>
> This is a partial upstreaming of tcpdump-4.9.2-3 used in CentOS 7.5.
> -
>
> If anybody sees how this change isn't an improvement, please make your point
> on the list.

I'm not so much for changing the behaviour of -n without good cause - using -n frequently between systems with different versions of tcpdump will likely force me to time and again type the command and then rerun it with the correct option.

Maybe doing it the way Wireshark/tshark does it makes more sense, i.e. modify -N to add the specific things to resolve and with no qualifiers keep the original behaviour.

excerpt from man tshark
---
-N  Turn on name resolving only for particular types of addresses and port numbers, with name resolving for other types of addresses and port numbers turned off. This option overrides -n if both -N and -n are present. If both -N and -n options are not present, all name resolutions are turned on.

    The argument is a string that may contain the letters:

    d to enable resolution from captured DNS packets
    m to enable MAC address resolution
    n to enable network address resolution
    N to enable using external resolvers (e.g., DNS) for network address resolution
    t to enable transport-layer port number resolution
    v to enable VLAN IDs to names resolution
-----

Kind regards
Jörg
--
Joerg Mayer
We are stuck with technology when what we really want is just stuff that works. Some say that should read Microsoft instead of technology.
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
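The option precedence described in the tshark excerpt quoted above, as an added example that is not part of the original mail and is not code from tcpdump or Wireshark. The flag names and both functions are hypothetical; the -n-only case (everything off) follows tshark's documented -n behaviour.

```c
#include <stddef.h>

/* Hypothetical flag bits, one per letter listed in the -N excerpt. */
enum {
    RES_DNS_PKT  = 1 << 0,   /* d: names learned from captured DNS packets */
    RES_MAC      = 1 << 1,   /* m: MAC address resolution */
    RES_NETWORK  = 1 << 2,   /* n: network address resolution */
    RES_EXTERNAL = 1 << 3,   /* N: external resolvers (e.g. DNS) */
    RES_PORT     = 1 << 4,   /* t: transport-layer port numbers */
    RES_VLAN     = 1 << 5,   /* v: VLAN IDs to names */
    RES_ALL      = (1 << 6) - 1
};

/* Parse a -N argument such as "mt". Returns the flag set, or -1 on an
 * unknown letter so that a typo is rejected instead of silently ignored. */
int parse_resolve_arg(const char *arg)
{
    int flags = 0;

    for (; *arg != '\0'; arg++) {
        switch (*arg) {
        case 'd': flags |= RES_DNS_PKT;  break;
        case 'm': flags |= RES_MAC;      break;
        case 'n': flags |= RES_NETWORK;  break;
        case 'N': flags |= RES_EXTERNAL; break;
        case 't': flags |= RES_PORT;     break;
        case 'v': flags |= RES_VLAN;     break;
        default:  return -1;
        }
    }
    return flags;
}

/* Combine the two options as the excerpt states: -N overrides -n, and
 * with neither present every kind of resolution is on. have_n is nonzero
 * when -n was given; big_n_arg is NULL when -N was not given. */
int effective_resolve_flags(int have_n, const char *big_n_arg)
{
    if (big_n_arg != NULL)
        return parse_resolve_arg(big_n_arg);
    return have_n ? 0 : RES_ALL;
}
```

With this scheme a bare -n keeps its existing meaning, and port-only resolution is requested explicitly with -N t.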