| Commit message (Collapse) | Author | Age | Files | Lines |
|
- fprintf(stdout, ...) -> printf()
- fputs(x, stdout) -> printf(); for consistency.
fputs is twice as fast on atom x5-Z8300@1.44GHz but Amdahl sees a pure printf
tcpdump only 2% slower than a pure fputs (for constant strings) tcpdump
to /dev/null across a 20MB/~170k packet pcap file.
ok dlg@ for fputs and ok tedu@ krw@ deraadt@ a2k19 for the rest
|
this was lost when tcpdump learnt to look inside udpencap.
found by, and ok markus@
|
There's no reason to build without IPv6 support, `-U INET6' builds were
broken anyway.
Fix an empty redefine for IPPROTO_IPV6 in print-ip.c while here.
No object change on amd64 and sparc64 with clang, gcc compiles differently
but behaviour stays the same.
OK denis deraadt
|
this is part of a bigger change that refactors udp handling, but
works on hosts of both endians.
discussed at length with proctor@
ok sthen@
|
this started cos i was looking at pptp, which came out like this:
23:52:00.197893 call 24 seq 7: gre-ppp-payload (gre encap)
23:52:00.198930 call 1 seq 7 ack 7: gre-ppp-payload (gre encap)
now it looks like this:
23:52:00.197893 20.0.0.2 > 20.0.0.1: pptp callid 24 seq 7: 17.1.1.122 > 40.0.0.2: icmp: echo request
23:52:00.198930 20.0.0.1 > 20.0.0.2: pptp callid 1 seq 7 ack 7: 40.0.0.2 > 17.1.1.122: icmp: echo reply
the big improvement in ppp parsing is it stops parsing based on
what the ppp headers say, rather than what bytes have been captured.
this also adds parsing of EAP packets.
DLT_PPP_SERIAL is now recognised and printed. gre now prints the
outer addresses always, not just when it's encapsulated by ipv6 or
-v is passed to tcpdump.
ok sthen@
|
the position to go past snapend truncate. Found with afl.
|
is already a trunc label with the same printf in the function.
|
ok deraadt@
|
no sneakiness detected by krw
|
possible. Annotate <sys/param.h> lines with their current reasons. Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution. These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)
|
bpf aligns data following the datalink header (e.g. ethernet)
on the BPF_ALIGNMENT boundary. Since rev1.41 of bpf.h it's
uint32_t instead of a long. And also since then almost all
packets become "unaligned" from the tcpdump perspective and
require costly copies into the internal buffer. Neither IP
header (struct ip) nor IPv6 (struct ip6_hdr) have fields
larger than 32 bits and therefore alignment requirements for
them are at most 32 bit.
ok millert, jsg, deraadt
|
aligned IP/IPv6 packet so that tcpdump can print hexdump of the whole
packet including the Ethernet header (if requested) and not only the
IP/IPv6 part of it.
ok jsg
|
routines should check that there's at least a complete IP/IPv6 header
available in the buffer before trying to do anything else.
ok jsg
|
checksum, make tcpdump (with the -v flag) show the actual bad checksum
within the IP/protocol header itself and what the good checksum should
be, e.g. "[bad tcp cksum abcd! -> d1e6]"
This change applies to IP, TCP (over IPv4 and IPv6), UDP (over IPv4 and
IPv6), ICMP, and ICMPv6. This commit also fixes several inconsistencies
in the way bad checksums were displayed for these protocols.
Tested on amd64, i386, and macppc.
ok henning@
|
packet without the IP header. This is needed by the next commit that
will allow tcpdump to detect bad ICMP checksums.
Related functions like {tcp,udp,icmp6}_print() already accept this
length variable, so this change makes icmp_print() consistent with
them as well.
This commit makes no functional change to tcpdump itself.
OK florian@
|
calculation. Mostly from tcpdump.org; ok jsing@
|
unmaintainable). these days, people use source. these id's do not provide
any benefit, and do hurt the small install media
(the 33,000 line diff is essentially mechanical)
ok with the idea millert, ok dms
|
buffers overlap, which happens on 64 bit archs, when
handling encapsulated packets. Reported and tested by Jurjen Oskam
additional testing by Stuart Henderson and todd@, ok henning@
|
to etherip_print() and do all the bounds checking with it. Also add
bounds checks to ether_print(). This fixes even more crashes.
ok canacar@
|
captured packet. Fixes some more crashes.
ok canacar@ deraadt@
|
From Jason Wright via PR-4531.
|
of the original packet.
ok beck@
|
ok markus@ pb@
|
ok deraadt@
|
ok deraadt@ hshoexer@
|
to pf_print_state(), and other minor cleanup.
|
IPPROTO_PFSYNC -> 240
INADDR_PFSYNC_GROUP -> 224.0.0.240
ok deraadt@
|
Implemented as an in-kernel multicast IP protocol.
Turn it on like this:
# ifconfig pfsync0 up syncif fxp0
There is not yet any authentication on this protocol, so the syncif
must be on a trusted network, i.e., a crossover cable between the two
firewalls.
NOTABLE CHANGES:
- A new index based on a unique (creatorid, stateid) tuple has been
added to the state tree.
- Updates now appear on the pfsync(4) interface; multiple updates may
be compressed into a single update.
- Applications which use bpf on pfsync(4) will need modification;
packets on pfsync no longer contain regular pf_state structs,
but pfsync_state structs which contain no pointers.
Much more to come.
ok deraadt@
|
check the length of the data
|
ok henric@
|
no one uses anymore is not worth the amount of work needed to be resolved.
|
Taken from tcpdump 3.7.1; mbing@nfr.net; ho ok
|
consistent, and make IPSEC tunnelmode tcpdumping work as expected.
|
DHCP/BOOTP
tcp & udp checksum detection
numerous bugfixes
|
-a flag; attempt to convert network and broadcast addresses to names
Improved signal handling
Miscellaneous fixes and typos
OSPF MD5 authentication support
- -X flag; emacs-hexl print (including ascii)
- Add ECN bits to TCP and IP headers
- IKE & IPsec (ESP & AH) support
OK deraadt@
|