great. Thank you for including sample packets!
Is this the kind of thing seen in home routers/SoC?
I'm just wondering where one has to dump to see traffic like this...
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works
Forwarding to list for wider discussion.
Guy Harris notificati...@github.com wrote:
The bittok2str routines are, for better or worse, currently being used
for bitfields that aren't flags, e.g. the recursion count field in
GRE (or recursion control, as it's called in RFC 1701).
What do you think of this patch.
I was trying to use ND_TTEST2() in a place where l was seemingly to become
negative, and I felt that we should check for that situation.
In the situation at hand, that actually wasn't the problem, but I still think
that perhaps this is a good thing.
---
[
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https
Denis Ovsienko notificati...@github.com wrote:
Could you please check bpf repository once again? There is still no
such commit in it.
okay, I sorted things out.
The problem is that I got stuck with the MPTCP patch which no longer
compiled, and wound up reverting too much, and then I
Longinus00 notificati...@github.com wrote:
The final commit in my tcp_fast_open brach was never merged into the
upstream because of the issue with sequence number tracking. Handling
all the corner cases and getting a correct output would also
potentially create
Guy Harris notificati...@github.com wrote:
I guess my concern is whether the our own copy could get people
complaining that we just took GPLed code from Linux or not; if it was a
reimplementation from scratch (I don't think clean room is
necessary), that should suffice.
I am
http://xmodulo.com/how-to-check-package-dependencies-on-ubuntu-or-debian.html
To show package dependency information of a particular package (e.g.,
tcpdump), run the command with package name:
___
tcpdump-workers mailing list
Denis Ovsienko de...@ovsienko.info wrote:
Thus the behaviour is the same as it used to be for years, both on
tcpdump side and on Linux side. It must be the odd timing that kept me
thinking the BPF filter had somewhere flipped to do the opposite from
its normal job, I had
the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
___
tcpdump-workers mailing list
tcpdump-workers
Denis Ovsienko de...@ovsienko.info wrote:
I have to correct myself: tcpdump -pni eth0 not tcp actually yields
both TCP and everything else (ARP and UDP). It turns out that during
all previous runs that everything else just didn't make it to the
screen because of timing. Now it
.
Eventually, we'll be using this format to debug multi-path TCP, in which case
the IP addresses (and maybe even the IP4/IP6-ness of it) might change.
And gzip'ed those addresses will compress quite easily.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael
should be able to override things.
I had hoped to spend time on tcpdump over the holidays, but IETF nomcom work
ate my brain.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m
Xiufeng Xie xxi...@wisc.edu wrote:
is not caused by tcpdump, libpcap or Android. I found the phone actually
has two LTE interfaces lte_rmnet0 and lte_rmnet1, which is
Maybe different frequencies?
4G VoIP vs 4G data?
___
tcpdump-workers
Do people know that #tcpdump-dev on irc.freenode.net has the git.io bot in
it, and see stuff like:
(01:48:44 PM) GitHub15: tcpdump/master 94b4c01 Denis Ovsienko: OpenFlow: add
vendor name printing...
(01:48:44 PM) GitHub15: tcpdump/master 78a0b1c Denis Ovsienko: OpenFlow:
improve vendor message
networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https
to get a fresh kernel and a bigger (inode-wise) /.
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
for another
disaster.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails
than one person's laptop at a time.
So I guess we should remove it from git, and go back to CVS?
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http
of, was listed as a child
of some random other user]
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails
) this CVE process has been botched (I said this, and I take
responsability for this)
before I propose some solution/policy/adjustment, I want to make sure that
I've heard all the issues.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson
Romain Francoise rfranco...@debian.org wrote:
That's a lot bigger than typical security patches. :(
It's in the tcpdump.org/beta/ directory, but I didn't want to release
until the distros had a chance to patch.
But did you notify the distros? Because I didn't get advance
Guy Harris g...@alum.mit.edu wrote:
I'm looking for the official patches for CVE-2014-8767, CVE-2014-8768
and CVE-2014-8769 but they don't seem to be in the Github repository.
Michael, are changes made to the bpf.tcpdump.org repository still
getting pushed to the Github
a
RFC name (if available) is defined with hyphens and not spaces. (Ok,
there are maybe exceptions and some protocols are not defined par a
RFC).
Yes, this is the right thing to do.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson
suggests that it all just works... I will report when I know what kernel
I need to make this work, and I guess we should have a web page on doing
this, and what is going on.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software
won't bother with
bytes of output that don't help.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails
output?
I'm thinking that we leave the () there, and just make it blank when we don't
know rather than say oui unknown.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m
John Hawkinson jh...@mit.edu wrote:
In the interim, I suggest removing the word oui, and also the
unknown string. We'll report the things in our table, and just
won't bother with bytes of output that don't help.
That was my original proposal. Do you want a patch?
Yes.
If
1306300953 ecr 1306300951], length 5559: HTTP:
HTTP/1.1 200 OK
Did something change with the print-http and it's sensitivity to flags?
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m
see twice the amount of memory (4G) being allocated from
the same command
The other question, other than kernel version, is if they are the same
32-bit/64-bit?
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works
bpf.tcpdump.org will go down at 9am EDT until around 11am EDT so that
it can be moved to a location (a host, it's a VM) with more stable power.
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
name, or if someone has a better name. Arguably, pktcap
actually belongs in the libpcap repository...)
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http
mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
), or because???
If we don't need it, can we remove the test in configure for it?
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca
networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https
licensed getopt_long in missing/ I guess I could go check... yes.
I'm open to suggestions on other ways to proceed.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca
Guy Harris g...@alum.mit.edu wrote:
On Sep 3, 2014, at 12:34 PM, Michael Richardson m...@sandelman.ca
wrote:
It seems that we might need more patches to better select Linux memory
mapped packet choices?
I'd prefer a patch that reduces or the removes the *need* to do so
Michal Sekletar msekl...@redhat.com wrote:
Seems like bpf.tcpdump.org is still down.
oops.
power brownout- that machine doesn't reboot when the power dips to 80V
and comes back... it just gets stuck. The machine will move in two weeks
to a place with protected power.
{resending, because my address book was confused}
So, was pcap-ng well receives by opsarea WG this morning?
and the reply was:
Michael Tuexen michael.tue...@lurchi.franken.de said:
There were a couple of people willing to review and contribute.
I also got or will get contacts within Apple,
anyway as I need the latest one, I'm happy to simply turn off usb support.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby
tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
___
tcpdump-workers mailing list
networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https
both the amd64
and i386 versions of libusb-dev. We don't attempt to build both in .travis,
but I have another application that I build for -m32 as well, and it depends
upon libpcap.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman
4.x release
that writes to pcap format by default, but has an option to force output
format to pcapng, and then a 5.x release that defaults to writing pcapng.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works
.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails
Romain Francoise rom...@orebokech.com wrote:
Yeah, my bad; was sick that weekend, and stuff... happened.
No problem.
How about July 1?
So -rc1 on July 1, then release a week later? Or -rc1 in the meantime,
and release on July 1? (Works for me either way.)
-rc1 on July
Romain Francoise rom...@orebokech.com wrote:
I was way too at this ietf89 to build changelog and push release button.
I propose to release at Easter. (April 21)
So it looks like this never happened?
Yeah, my bad; was sick that weekend, and stuff... happened.
How about July 1?
! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
worked on FreeS/WAN and had to debug what was going
on. I guess having the script available is a good thing.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http
work on
making it work right when the OS doesn't have getopt_long(), and check
it in.
okay... !
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http
of single-letter options.
I don't think that I'd want to let specific dissectors capture single letter
options, period. So, yes, -o sounds right, or just use long options for
that.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software
the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
___
tcpdump-workers mailing list
tcpdump
networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https
as moderated, and I'm sorry, but I
won't be forwarding email. As soon as a patch for mailman is available that
will reject p=reject email, I will apply it.
Sorry...
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works
with some other period?
They get pushed nightly, but I added --all so that all the old branches would
get pushed. Should be a one-time event.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect
I guess that this means that we also now have testing against bigendian
systems. thank you wireshark guys!
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Hi, I'm aka m...@tcpdump.org, and getting tcpdump in AOSP updated to the
latest has been on my list for awhile.
It's been two years since I last did much Android build work, so it took me
a few days to get a build VM going again.
I checked out a copy of kitkat, built it, and proceeded to extract
run anywhere.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails
, and try it out...
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails
branch to github, and let's see what travis-CI says.
You may want to update .travis.yml to include netmap
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http
.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
___
tcpdump-workers mailing
The other thought I have is that java is heavily threaded, while libpcap is
not thread safe. pcap_loop() is going to block.
I see that your jni variable is a global... I wonder about that.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson
.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
___
tcpdump-workers mailing list
...)
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
___
tcpdump
Guy Harris g...@alum.mit.edu wrote:
On Dec 12, 2013, at 3:02 AM, Evgheni Antropov aid...@gmail.com wrote:
Makefile and full process of the libpcap compile and config.log of
tcpdump
compiling are attached.
Unfortunately, it appears that the attachments were removed.
slightly wrong, but up to now, it hasn't mattered.
Having the above controls would let people move forward, and let us gather
enough data to figure out what is up, and fix it.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman
, period.
How can we get travis-CI to give us a big-endian test machine?!?
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby
.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
___
tcpdump-workers
mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
This morning, I issued libpcap 1.5.2. It has two changes:
1) make uninstall didn't remove 3 symlinks, fix
2) fix TPACKET_V3 initialization (GH #329)
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works
Thank you so much to Denis (and Guy) for transfering and closing all these
bugs. Wow.
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
capability. Could it be
unrolled to some depth to work with BPFv1?
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby
me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
___
tcpdump-workers mailing list
tcpdump
tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
___
tcpdump-workers mailing
, it will take test cases and code...
Michael Richardson
-on the road-
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Please take this discussion to the tcpdump-workers list.
shohamp writes:
This commit by @yuguy explains this issue very well. yacc parsers the
bpf from left to right without saving the state, and doesn't provide a
tree of some kind, which would allow an easy solution. @yuguy says
from
https://github.com/the-tcpdump-group/tcpdump/issues/333
details an issue where differences in arch and compiler result in different
extractions of floating point objects in LMP packets. Guy discovers it has
something to do with assumptions about x86 SSE.
and I think we might find more
me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
___
tcpdump-workers mailing list
tcpdump
rather than git...
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails
of the 1990s. But, we still have
things like QNX and Cygwin...
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails
Marc Abramowitz notificati...@github.com wrote:
Markdown renders nicely in GitHub (and allows embedding rich content
like Travis CI build badge images) and it's still very readable when
reading the raw text. So I renamed the README to README.md and
converted to Markdown and
tjackson notificati...@github.com wrote:
I noticed that tcpdump-4.4.0 installs a versioned binary in addition to
tcpdump. Was this an oversight in the Makefile or intentional? Since
'tcpdump' is duplicated as well it makes it harder to have both
versions installed, if that was
, other than consuming
disk space. If it's disk space that is the issue, then remove it.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca
networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https
! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https
802.11p is the thing among European (particularly french) Intelligent
Transportation Systems people.
(In the US, it appears that LTE is the answer. I prefer 802.11p approach)
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman
mechanisms being used by the NIC card to either signal arrival of the
packet (interrupt mitigation mechanisms, for instance), and/or the same
thing on the transmit side.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works
be then produced.
Question: is there someone on the list that would like to setup such
a thing up, build a Makefile, commit it to git?
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network
if I'm wrong, but we have magic number differences when the
save file contents are different?
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http
Denis == Denis Ovsienko infrastat...@yandex.ru writes:
Denis The Travis CI build script consists of two jobs: one with the
Denis server's libpcap-devel package and another with libpcap
Denis cloned from git and built before tcpdump. tcpdump pull
Denis request #313 adds a feature
! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
___
tcpdump-workers mailing list
tcpdump-workers
to be used beyond SS7 stuff?
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails
IP address on your internet side.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails
isn't updated yet, since they distro tar
files are not yet properly signed. I will fix that today.
If you want to edit the HTML files, please go ahead.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network
://datatracker.ietf.org/doc/rfc5848/
might provide a more standard, more portable container?
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca
?) should occur inside the driver.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails
, opened against version N.N.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails
whatever is recommended, as long as
the solution is easy to do on stock (stable) debian, LTS ubuntu,
and RHEL6/Centos6... cause I hate making people run unstable stuff
just to contribute.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson
ois-Xavier == ois-Xavier Le Bail Fran writes:
ois-Xavier Tha last configure file is Generated by GNU Autoconf 2.61..
ois-Xavier The previous was Generated by GNU Autoconf 2.68..
ois-Xavier Is there any risks of regression ?
oh, I thought it was updating the other way when I was
101 - 200 of 454 matches
Mail list logo
