CVS log entries from 30.04.2002 (Tue) 09:05:44 - 01.05.2002 (Wed) 09:05:40 GMT
=
Summary by authors
=
Author: guy
File: tcpdump/print-smb.c; Revisions: 1.23
File: tcpdump/CREDITS
At 9:51 PM -0700 2002/04/30, Guy Harris wrote:
> I wasn't expecting any of those changes to fix the behavior of xprobe; I
> was just expecting them to remove the warnings.
Ahh, I see. Sorry, I misunderstood.
> I'd actually go for my other suggestion, with temporary bpf_u_int32
> va
At 10:03 PM -0700 2002/04/30, Guy Harris wrote:
> Yup. The fact that
>
> #define uint32_t unsigned long
>
> shows up in a "config.h" line conveys some hope, i.e. that may mean that
> the configuration script decided that on your machine "unsigned long" is
> a 32-bit unsigned integer, r
At 10:03 PM -0700 2002/04/30, Guy Harris wrote:
> What if you compile it with
>
> gcc -I/usr/local/include -L/usr/local/lib -o iflist -lpcap
Okay, I renamed /usr/local/lib/libpcap.a to be libnpcap.a, and re-compiled:
% gcc -I/usr/local/include -L/usr/local/lib iflist.c -o iflist
I am a new user to tcpdump and I was wondering the significance of a
particular operation done with the IP offset in the IP packet.
In ip_print(...) method the protocol field is checked and if it is TCP
the tcp_print(...) method is called with an argument (off &~ 0X6000).
I don't understand t
On Wed, May 01, 2002 at 04:46:56PM +0200, Brad Knowles wrote:
> If uint32_t could be anything other than an unsigned long, I
> would have expected such to show up with this command.
The macro in "configure.in" testing for it is documented in the autoconf
".info" file as:
- Macro: AC_CHEC
On Wed, May 01, 2002 at 05:27:33PM +0200, Brad Knowles wrote:
> Given what this program is trying to do, perhaps you want to
> ensure that the program is run as root, or generate a suitable error
> message and exit?
Given that
1) it's a quick test program, not an end-user program
On Thu, Apr 04, 2002 at 06:47:33PM -0500, Michael Richardson wrote:
> tcpreplay had a home, but it got lost.
> It was: http://www.anzen.com/research/nidsbench/
"I once was lost, but now I'm found":
http://sourceforge.net/projects/tcpreplay/
I infer from what it says on
ht
On Wed, May 01, 2002 at 04:20:44AM -0400, Sripriya Subramanian wrote:
> In ip_print(...) method the protocol field is checked and if it is TCP
> the tcp_print(...) method is called with an argument (off &~ 0X6000).
>
> I don't understand the significance of this number. Is this just to
> check
At 12:15 PM -0700 2002/05/01, Guy Harris wrote:
> So, whilst the configure script will not *explicitly* define it as
> anything other than an unsigned long, if it's already defined by the OS
> - whether as an "unsigned int", or as an "unsigned long", or as
> something else - it will not defin
At 12:20 PM -0700 2002/05/01, Guy Harris wrote:
> Given that
>
> 1) it's a quick test program, not an end-user program
>
> and that
>
> 2) it is *NOT* necessarily the case that you have to be root to
> run it
>
> I don't see any need to do that.
Fair enough.
On Wed, May 01, 2002 at 10:41:14PM +0200, Brad Knowles wrote:
> However, in that case you may want to either modify the error
> message generated, to include a note to try running the program as
> root if you did not previously do so, or to check permissions on any
> /dev/bpf devices that
A standard behavior of tcpdump that caused me a bit of grief recently is
that when writing to a capture file with -w, output is buffered by default.
When tcpdump'ing to stdout and piping or redirecting to a file, it's common
to use the -l flag to make output line-buffered. It doesn't appear that
-BEGIN PGP SIGNED MESSAGE-
> "Guy" == Guy Harris <[EMAIL PROTECTED]> writes:
Guy> On Thu, Apr 04, 2002 at 06:47:33PM -0500, Michael Richardson wrote:
>> tcpreplay had a home, but it got lost.
>> It was: http://www.anzen.com/research/nidsbench/
Guy> "I once was lost
Hello,
I'm trying to parse tcpdump code for my class and I'm having a problem
with the timestamps, more or less that I can't figure out how to parse
them at all. After going through quite a bit (and the man page) I saw
that it does HH:MM:SS.Fraction. I've been differing limits for the
fraction.
On Thu, May 02, 2002 at 01:53:22AM -0400, Mark C Wishneusky wrote:
> I'm trying to parse tcpdump code for my class and I'm having a problem
> with the timestamps, more or less that I can't figure out how to parse
> them at all. After going through quite a bit (and the man page) I saw
> that it do
16 matches
Mail list logo