Package: tcpdump
Version: 4.0.0-6
Severity: minor
Tags: patch
Hi,
The manpage says that (for TCP)
Flags are some combination of S (SYN), F (FIN), P (PUSH), R (RST), W
(ECN CWR) or E (ECN-Echo), or a single `.' (no flags).
But the code (print-tcp.c) causes a . to be printed for ACK. (This caused
me a little confusion when looking at "Flags [S.]" in tcpdump's output).
I'm going to try to attach a diff against tcpdump.1 to this report.
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (900, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.33-2-686 (SMP w/1 CPU core)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages tcpdump depends on:
ii libc6 2.10.2-6 Embedded GNU C Library: Shared lib
ii libpcap0.8 1.0.0-6 system interface for user-level pa
ii libssl0.9.8 0.9.8m-2 SSL shared libraries
tcpdump recommends no packages.
tcpdump suggests no packages.
-- no debconf information
--- tcpdump.1 2010-03-28 20:09:43.000000000 +0100
+++ /tmp/tcpdump.1 2010-03-28 20:09:28.000000000 +0100
@@ -847,8 +847,8 @@
\fISrc\fP and \fIdst\fP are the source and destination IP
addresses and ports.
\fIFlags\fP are some combination of S (SYN),
-F (FIN), P (PUSH), R (RST), W (ECN CWR) or E (ECN-Echo), or a single
-`.' (no flags).
+F (FIN), P (PUSH), R (RST), U (URG), W (ECN CWR), E (ECN-Echo), and
+`.' (ACK), or `none' if no flags are set.
\fIData-seqno\fP describes the portion of sequence space covered
by the data in this packet (see example below).
\fIAck\fP is sequence number of the next data expected the other
