summaryrefslogtreecommitdiffstats
path: root/usr.sbin/tcpdump (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* hex array of bytes should be printed fixed-form; from Jihyun Yuderaadt2015-09-061-2/+2
|
* since stdlib.h is in scope, don't cast.... you know the drill.deraadt2015-08-219-29/+29
| | | | no sneakiness detected by krw
* stdlib.h is in scope; do not cast malloc/calloc/realloc*deraadt2015-08-201-3/+2
| | | | ok millert krw
* In tcpdump, show 11n HTOP primary and secondary channel numbers for 40MHz BSS,stsp2015-07-191-7/+21
| | | | | instead of showing just the primary one and "above" or "below" for secondary. ok sthen
* Make tcpdump show HTOP elements in 11n management frames; ok sthen@stsp2015-07-181-1/+105
|
* Add an example about showing wireless frames with tcpdump(8).stsp2015-07-181-2/+5
| | | | | | Apparently sniffing wifi frames isn't a very popular addiction?!? Requested by David Hill. ok aja phessler mpi
* Make tcpdump decode the country element in 802.11 mgmt frames.stsp2015-07-171-3/+49
| | | | much help and ok zhuk@, ok sthen@ for an earlier version
* Make tcpdump display BSS load information contained in 802.11 mgmt frames.stsp2015-07-171-1/+9
| | | | ok phessler sthen
* add missing ELEM_CHECK for csa printing, spotted by / ok stsp@sthen2015-07-161-1/+2
|
* Make tcpdump show 11n HT capabilities in 802.11 management frames.stsp2015-07-161-1/+83
| | | | ok deraadt@ zhuk@ sthen@
* Unbreak the tree. Remove use of removed ieee80211 element IDs from hostapdstsp2015-07-151-5/+5
| | | | | and from tcpdump. Pointed out by James Hartley.
* Move the BIOCGSTATS ioctl operation done by the tcpdump processderaadt2015-07-143-11/+46
| | | | | (at ^C time) into a services provided by the privsep monitor. ok canacar
* For ASCII dumps, tighten printable characters. \v and \f aren't.naddy2015-07-121-3/+5
| | | | ok semarie@ sthen@
* Convert many atoi() calls to strtonum(), adding range checks and failurederaadt2015-04-181-7/+10
| | | | | handling along the way. Reviews by Brendan MacDonell, Jeremy Devenport, florian, doug, millert
* opt{ind,err,arg} are already knownderaadt2015-04-151-5/+1
|
* Teach the 802.11 printer about Channel Switch Announcements (advertised bysthen2015-04-081-1/+5
| | | | | | | | | an AP in beacons in the run-up to a channel switch, either for radar avoidance, or for frequency management). ok stsp@ We don't support these in net80211 yet (as pointed out by stsp a few days ago) but it's useful to at least have a way to debug why your connection is getting knocked down!
* Upstream has retired the gnuc.h header, so do so as well, killing a gcc 2.xguenther2015-04-056-47/+6
| | | | | | reference. ok sthen@ jca@ deraadt@
* Most packets generate one line in tcpdump. For AH and RIP therebluhm2015-03-292-4/+4
| | | | | | was an extra line without benefit. Remove the new-line in printf to make parsing easier. OK lteo@ mikeb@
* tzfile.h is an internal header that should never have been installed.millert2015-03-151-3/+2
| | | | | | | | | What's worse, the tzfile.h that gets installed is over 20 years old and doesn't match the real tzfile.h in libc/time. This makes the tree safe for /usr/include/tzfile.h removal. The TM_YEAR_BASE define has been moved to time.h temporarily until its usage is replaced by 1900 in the tree. Actual removal of tzfile.h is pending a ports build. Based on a diff from deraadt@
* Reduce usage of predefined strings in manpages.bentley2015-02-281-4/+4
| | | | | | | | | | | Predefined strings are not very portable across troff implementations, and they make the source much harder to read. Usually the intended character can be written directly. No output changes, except for two instances where the incorrect escape was used in the first place. tweaks + ok schwarze@
* clean up flags++ instances around getopt()deraadt2015-02-091-16/+16
| | | | ok florian
* Adjust <sys/param.h> comments regarding use of use of MSIZE, orderaadt2015-01-205-15/+16
| | | | | delete <sys/param.h> if now possible ok guenther
* Replace <sys/param.h> with <limits.h> and other less dirty headers wherederaadt2015-01-1661-136/+80
| | | | | | | | | possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
* Catch up with the BPF_ALIGNMENT switch to the uint32_t.mikeb2014-12-092-4/+4
| | | | | | | | | | | | | bpf aligns data following the datalink header (e.g. ethernet) on the BPF_ALIGNMENT boundary. Since rev1.41 of bpf.h it's uint32_t instead of a long. And also since then almost all packets become "unaligned" from the tcpdump perspective and require costly copies into the internal buffer. Neither IP header (struct ip) nor IPv6 (struct ip6_hdr) have fields larger than 32 bits and therefore alignment requirements for them are at most 32 bit. ok millert, jsg, deraadt
* Restore packetp and snapend pointers once we're done with an incorrectlymikeb2014-12-032-11/+22
| | | | | | | | aligned IP/IPv6 packet so that tcpdump can print hexdump of the whole packet including the Ethernet header (if requested) and not only the IP/IPv6 part of it. ok jsg
* Fixup a crash found by jsg using the AFL fuzzer. IP and IPv6 printingmikeb2014-12-032-7/+12
| | | | | | | routines should check that there's at least a complete IP/IPv6 header available in the buffer before trying to do anything else. ok jsg
* Prefer setvbuf() to setlinebuf() for portability; ok deraadt@millert2014-11-261-5/+1
|
* better length handling. Fixes a crash found with the afl fuzzer.jsg2014-11-201-1/+6
| | | | slightly tweaked version of an earlier diff ok'd by djm@ and miod@
* sanity check the length of the packet in the pcap headerjsg2014-11-201-2/+2
| | | | | | fixes a crash found by the afl fuzzer ok djm@ miod@
* Make ip6_print() take an unsigned length matchingjsg2014-11-202-5/+5
| | | | | | | | | | | ip_print() and others. Allows code deciding on a minimum length to memmove() to work as intended, preventing various crashes found with the afl fuzzer. Callers of ip6_print() should of course be fixed to provide sane lengths as well. ok deraadt@ djm@
* obvious malloc() -> reallocarray() oflow check; ok dougderaadt2014-10-081-2/+2
|
* No use for <netinet/in_systm.h> nor <netinet/tcpip.h>.mpi2014-08-1444-96/+44
|
* Fix tcpdump(8) display of logical link control data in IEEE802 frames.stsp2014-07-201-2/+2
| | | | | | The frame subtype field is in the first byte of frame control but tcpdump(8) was looking at the second byte to determine if this is a data frame. Patch by Nathanael Rensen, thanks!
* Tcpdump did not show the OSPF router id of hello packets if it wasbluhm2014-07-042-6/+3
| | | | | | equal to the source ip address. This is confusing and inconsistent with IPv6. So always print the rtrid. OK stsp@
* remove backwards compat layer for alpha osf1. back then compilers andderaadt2014-06-304-79/+3
| | | | | | the parsers sucked, so byte misalignment repair was requested. These days it means the parsers should improve. ok lteo
* Instead of showing the difference between a bad checksum and a goodlteo2014-06-205-34/+46
| | | | | | | | | | | | | | checksum, make tcpdump (with the -v flag) show the actual bad checksum within the IP/protocol header itself and what the good checksum should be, e.g. "[bad tcp cksum abcd! -> d1e6]" This change applies to IP, TCP (over IPv4 and IPv6), UDP (over IPv4 and IPv6), ICMP, and ICMPv6. This commit also fixes several inconsistencies in the way bad checksums were displayed for these protocols. Tested on amd64, i386, and macppc. ok henning@
* Import in_cksum_shouldbe() from mainline tcpdump; this is needed by mylteo2014-06-203-4/+93
| | | | | | | upcoming commit which will fix and improve the display of bad checksums for the major protocols. ok henning@
* Expand the IP checksum offload subsection to mention the same issue withlteo2014-06-031-4/+4
| | | | | | | protocol checksum offload, where tcpdump might see bad checksums on valid packets. ok henning@ jmc@
* Don't print a "weird flag" type warning "[b2&3=0x2400]" for DNS NOTIFYsthen2014-05-232-4/+7
| | | | | | messages which should be sent with AA set. Adapted from a patch at http://marc.info/?l=tcpdump-patches&m=98115734907026&w=2 pointed out by Peter J. Philipp, ok henning@
* Add pcap-filter(3) to the SEE ALSO section.lteo2014-02-191-2/+3
| | | | ok jmc@
* Don't segfault on IPv6 NFS traffic; found the hard why by matthieu@.florian2014-02-052-9/+46
| | | | | | Fix inspired by what upstream is doing. Tested by me and matthieu@. Input^WHand holding and OK guenther@
* show that zero checksums are invalid for UDP over IPv6; input & ok bluhm@naddy2014-01-261-2/+4
|
* plen is unsignedderaadt2014-01-121-3/+3
|
* Let tcpdump detect bad ICMPv6 checksums with the -v flag.lteo2014-01-111-1/+42
| | | | | | Tested on amd64, i386, loongson, and macppc. OK florian@
* Let tcpdump detect bad ICMP checksums with the -v flag.lteo2014-01-111-2/+12
| | | | | | Tested on amd64, i386, loongson, and macppc. OK florian@
* Make icmp_print() accept the length variable, which is the length of thelteo2014-01-114-10/+11
| | | | | | | | | | | | | packet without the IP header. This is needed by the next commit that will allow tcpdump to detect bad ICMP checksums. Related functions like {tcp,udp,icmp6}_print() already accept this length variable, so this change makes icmp_print() consistent with them as well. This commit makes no functional change to tcpdump itself. OK florian@
* ctype cleanups, now that the kernel has u_char strings (that is thederaadt2013-12-221-15/+15
| | | | | easy road, otherwise this would be a righteous mess) ok florian
* no need for timeb.hderaadt2013-12-031-2/+1
|
* If a constant string needs a name, use a static const array instead of aguenther2013-10-271-2/+2
| | | | | | | | pointer or non-const array, as that minimizes the symbols, maximizes the placement into read-only memory, and avoids warnings from gcc -Wformat=2 when they're used as format strings. ok deraadt@
* These two programs got fooled by the KAME/NRL split and need type repair.deraadt2013-10-241-4/+4
| | | | | | They do not indicate a problem with the reduction of namespace export, but got suckered into the 1999 plan. ok benno
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.