summaryrefslogtreecommitdiffstats
path: root/usr.sbin/tcpdump (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Ensure the safety of isprint()'s argument. Suggested by guenther@ a fewmmcc2015-11-071-3/+3
| | | | weeks ago.
* Account for the header size when dealing with null link layer ifaces.jca2015-11-051-3/+3
| | | | From Kevin Reay, ok sthen@
* Print unsigned integers as unsigned integers, kill inconsistent casts.jca2015-11-051-6/+5
| | | | Initial diff by Kevin Reay.
* Cap the GRE packet len to tcpdump's snap len, fixes a segfault.jca2015-11-051-1/+4
| | | | From Kevin Reay, ok sthen@
* When fetching the GRE version, use GRE_VERS and not a naked "7" as mask.jca2015-11-051-2/+2
| | | | From Kevin Reay
* spelling; from tjjmc2015-11-051-3/+3
|
* Surround pledge call with blank lines.mmcc2015-11-031-1/+3
|
* Print RDNSS nameserver addresses, and print option names for some othersthen2015-11-021-2/+31
| | | | | known options that we don't otherwise decode yet (DNSSL, route information). ok mpi@
* Remove register keyword uses. Still needs to be done in all othermmcc2015-11-011-46/+46
| | | | | | tcpdump source files. ok kettenis@
* pcap_stat fields are unsigned, print them as suchjca2015-10-281-3/+3
| | | | Patch from Kevin Reay.
* Cast ctype functions' argument to unsigned char.mmcc2015-10-251-7/+7
| | | | ok guenther@
* Carry out additional length/size checks in DECnet packet printing, avoiding asthen2015-10-241-41/+173
| | | | | | segfault with malformed packets. Adapted from f61639179282 in tcpdump.org git by Kevin Reay, but not including the header no-copy optimization that was in the upstream patch. ok benno@
* Add an explicit check for a malformed AS segment with (segment length 0),sthen2015-10-201-5/+8
| | | | | | | | avoiding division by zero when deciding whether it contains 2- or 4-byte ASNs. Refactor TCHECK calls to ensure proper coverage. From Kevin Reay, ok canacar with wording tweak (I used "malformed" rather than canacar's suggested "invalid size" or Kevin's original "empty").
* Fix a crash that occurs when printing the filename in a malformed NFSlteo2015-10-151-3/+5
| | | | | | | | | request packet. From Kevin Reay who obtained the fix from the tcpdump.org repo (part of commit 6191f36146f5d286304e9b6e893477fe509d83ab). ok canacar@ sthen@
* Remove conditional compilation and #defines around signal handlingguenther2015-10-144-59/+24
| | | | | | | Don't catch signals that were ignored on entry Suppress SIGCHLD if our kid is stopped: we don't care and it's not an error ok millert@
* Don't use exp2f(), it breaks build on vax. Use a shift instead.stsp2015-10-132-5/+4
| | | | reported by deraadt@
* Fix a copy-pasto: Check the correct bit for STBC beacon in HT OP element.stsp2015-10-121-2/+2
| | | | ok sthen@
* The <ctype.h> is*() interfaces expect EOF or an unsigned char; cast toguenther2015-10-111-2/+3
| | | | | | (unsigned char) as required found by Michael McConville (mmcconv1 (at) sccs.swarthmore.edu) w/Coccinelle
* Make tcpdump(1) print more information from the HT Capabilities element.stsp2015-10-102-4/+85
| | | | tweak + ok sthen@
* Change all tame callers to namechange to pledge(2).deraadt2015-10-092-6/+6
|
* Move from tame "cmsg" to tame "sendfd" or "recvfd", depending on whichderaadt2015-10-061-2/+2
| | | | way the process moves fd's.
* tcpdump is two-process privsep.deraadt2015-10-032-2/+6
| | | | | | | | | | | | | | | the packet processor pid is initialized on a socketpair, and then only does byte analysis. it can be protected using a "stdio" tame request. an successfull attack against it will find it cannot open files nor sockets, and faces various other limitations described in the tame(2) manual page. the monitor process can be restricted to "malloc cmsg inet ioctl dns rpath". that sounds like a large subset, but notice it cannot create or write files. maybe this set can be wittled down by hoisting more initialization code upwards? with help from canacar a while back.
* remove a bsdi ifdef pathjsg2015-10-011-14/+1
| | | | "kill it with fire" deraadt@
* lint is dead: delete the trivial uses of /* VARARGS[0-9]+ */guenther2015-09-271-3/+1
| | | | (others require more care)
* avoid trailing .Ns, reduce .Xo and .Sm, drop redundant .Bkschwarze2015-09-251-13/+4
|
* Avoid .Ns right after .Pf, it's pointless.schwarze2015-09-141-3/+3
| | | | In some cases, do additional cleanup in the immediate vicinity.
* hex array of bytes should be printed fixed-form; from Jihyun Yuderaadt2015-09-061-2/+2
|
* since stdlib.h is in scope, don't cast.... you know the drill.deraadt2015-08-219-29/+29
| | | | no sneakiness detected by krw
* stdlib.h is in scope; do not cast malloc/calloc/realloc*deraadt2015-08-201-3/+2
| | | | ok millert krw
* In tcpdump, show 11n HTOP primary and secondary channel numbers for 40MHz BSS,stsp2015-07-191-7/+21
| | | | | instead of showing just the primary one and "above" or "below" for secondary. ok sthen
* Make tcpdump show HTOP elements in 11n management frames; ok sthen@stsp2015-07-181-1/+105
|
* Add an example about showing wireless frames with tcpdump(8).stsp2015-07-181-2/+5
| | | | | | Apparently sniffing wifi frames isn't a very popular addiction?!? Requested by David Hill. ok aja phessler mpi
* Make tcpdump decode the country element in 802.11 mgmt frames.stsp2015-07-171-3/+49
| | | | much help and ok zhuk@, ok sthen@ for an earlier version
* Make tcpdump display BSS load information contained in 802.11 mgmt frames.stsp2015-07-171-1/+9
| | | | ok phessler sthen
* add missing ELEM_CHECK for csa printing, spotted by / ok stsp@sthen2015-07-161-1/+2
|
* Make tcpdump show 11n HT capabilities in 802.11 management frames.stsp2015-07-161-1/+83
| | | | ok deraadt@ zhuk@ sthen@
* Unbreak the tree. Remove use of removed ieee80211 element IDs from hostapdstsp2015-07-151-5/+5
| | | | | and from tcpdump. Pointed out by James Hartley.
* Move the BIOCGSTATS ioctl operation done by the tcpdump processderaadt2015-07-143-11/+46
| | | | | (at ^C time) into a services provided by the privsep monitor. ok canacar
* For ASCII dumps, tighten printable characters. \v and \f aren't.naddy2015-07-121-3/+5
| | | | ok semarie@ sthen@
* Convert many atoi() calls to strtonum(), adding range checks and failurederaadt2015-04-181-7/+10
| | | | | handling along the way. Reviews by Brendan MacDonell, Jeremy Devenport, florian, doug, millert
* opt{ind,err,arg} are already knownderaadt2015-04-151-5/+1
|
* Teach the 802.11 printer about Channel Switch Announcements (advertised bysthen2015-04-081-1/+5
| | | | | | | | | an AP in beacons in the run-up to a channel switch, either for radar avoidance, or for frequency management). ok stsp@ We don't support these in net80211 yet (as pointed out by stsp a few days ago) but it's useful to at least have a way to debug why your connection is getting knocked down!
* Upstream has retired the gnuc.h header, so do so as well, killing a gcc 2.xguenther2015-04-056-47/+6
| | | | | | reference. ok sthen@ jca@ deraadt@
* Most packets generate one line in tcpdump. For AH and RIP therebluhm2015-03-292-4/+4
| | | | | | was an extra line without benefit. Remove the new-line in printf to make parsing easier. OK lteo@ mikeb@
* tzfile.h is an internal header that should never have been installed.millert2015-03-151-3/+2
| | | | | | | | | What's worse, the tzfile.h that gets installed is over 20 years old and doesn't match the real tzfile.h in libc/time. This makes the tree safe for /usr/include/tzfile.h removal. The TM_YEAR_BASE define has been moved to time.h temporarily until its usage is replaced by 1900 in the tree. Actual removal of tzfile.h is pending a ports build. Based on a diff from deraadt@
* Reduce usage of predefined strings in manpages.bentley2015-02-281-4/+4
| | | | | | | | | | | Predefined strings are not very portable across troff implementations, and they make the source much harder to read. Usually the intended character can be written directly. No output changes, except for two instances where the incorrect escape was used in the first place. tweaks + ok schwarze@
* clean up flags++ instances around getopt()deraadt2015-02-091-16/+16
| | | | ok florian
* Adjust <sys/param.h> comments regarding use of use of MSIZE, orderaadt2015-01-205-15/+16
| | | | | delete <sys/param.h> if now possible ok guenther
* Replace <sys/param.h> with <limits.h> and other less dirty headers wherederaadt2015-01-1661-136/+80
| | | | | | | | | possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
* Catch up with the BPF_ALIGNMENT switch to the uint32_t.mikeb2014-12-092-4/+4
| | | | | | | | | | | | | bpf aligns data following the datalink header (e.g. ethernet) on the BPF_ALIGNMENT boundary. Since rev1.41 of bpf.h it's uint32_t instead of a long. And also since then almost all packets become "unaligned" from the tcpdump perspective and require costly copies into the internal buffer. Neither IP header (struct ip) nor IPv6 (struct ip6_hdr) have fields larger than 32 bits and therefore alignment requirements for them are at most 32 bit. ok millert, jsg, deraadt
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.