From: Guy Harris <[EMAIL PROTECTED]>
Subject: Re: [tcpdump-workers] core dump with PPP messages 1 byte long.
Date: Wed, 7 Jul 2004 00:56:38 -0700
> On Wed, Jul 07, 2004 at 04:21:39PM +1000, Darren Reed wrote:
> > IP 1.1.1.1.1701 > 2.2.2.2.1701: l2tp:[TLS](24460/32
> On Wed, Jul 07, 2004 at 04:21:39PM +1000, Darren Reed wrote:
> > IP 1.1.1.1.1701 > 2.2.2.2.1701: l2tp:[TLS](24460/3222)Ns=23239,Nr=647
> >*MSGTYPE(ICCN) *TX_CONN_SPEED(156000) *FRAMING_TYPE(A)
> >*VENDOR0c7f:ATTR0066(00) RX_CONN_SPEED(156000)
>
> I'm not sure what
On Wed, Jul 07, 2004 at 04:21:39PM +1000, Darren Reed wrote:
> IP 1.1.1.1.1701 > 2.2.2.2.1701: l2tp:[TLS](24460/3222)Ns=23239,Nr=647
>*MSGTYPE(ICCN) *TX_CONN_SPEED(156000) *FRAMING_TYPE(A)
>*VENDOR0c7f:ATTR0066(00) RX_CONN_SPEED(156000)
I'm not sure what the "framin
I believe the sessions I am seeing start out with a conversation like this:
IP 1.1.1.1.1701 > 2.2.2.2.1701: l2tp:[TLS](24460/0)Ns=23236,Nr=646 *MSGTYPE(HELLO)
IP 2.2.2.2.1701 > 1.1.1.1.1701: l2tp:[TLS](4/0)Ns=646,Nr=23237 ZLB
IP 1.1.1.1.1701 > 2.2.2.2.1701: l2tp:[TLS](24460/0)Ns=23237,Nr=646 *M
On Jul 5, 2004, at 4:51 AM, Darren Reed wrote:
If ppp_hdlc() is called with length < 2, bad things happen.
Should it be called *at all* from "handle_ppp()"?
Or, if this is really just HDLC-over-L2TP, in which case it should be
called directly from t
http://www.ietf.org/internet-drafts/dra
If ppp_hdlc() is called with length < 2, bad things happen.
Notably, if length == 1, handle_ppp() will be called with "length < 0".
At this point, things get ugly and print_unknown_data() tries to print
way too much data.
If ppp_hdlc() is being called with "p - 1", shouldn't the next parameter
