ftpsesame 'drop: short capture'

Jordi Espasa Clofent Tue, 23 Sep 2008 02:31:11 -0700

Hi all,

Because of my previous problem I've seen the next output in/var/log/messages:


-- Sep 22 19:00:01 ares newsyslog[21422]: logfile turned over
Sep 22 19:00:01 ares syslogd: restart
Sep 22 19:00:38 ares ftpsesame[15600]: drop: short capture
Sep 22 19:01:04 ares last message repeated 3 times
Sep 22 19:04:36 ares ftpsesame[15600]: drop: short capture
Sep 22 19:04:47 ares last message repeated 11 times
Sep 22 19:17:07 ares last message repeated 4 times
Sep 22 20:00:01 ares syslogd: restart
Sep 22 20:31:27 ares ftpsesame[15600]: drop: short capture
Sep 22 21:31:43 ares ftpsesame[15600]: drop: short capture
Sep 22 21:31:47 ares last message repeated 3 times
Sep 22 21:34:32 ares last message repeated 6 times
Sep 22 21:53:06 ares last message repeated 8 times
Sep 22 22:00:01 ares syslogd: restart
Sep 22 22:01:34 ares ftpsesame[15600]: drop: short capture
Sep 22 22:02:28 ares ftpsesame[15600]: drop: short capture
Sep 22 22:09:45 ares ftpsesame[15600]: drop: short capture
Sep 22 22:10:00 ares last message repeated 62 times
Sep 23 00:00:01 ares syslogd: restart
Sep 23 00:08:46 ares ftpsesame[15600]: drop: short capture
Sep 23 00:09:02 ares last message repeated 3 times
Sep 23 00:09:28 ares last message repeated 2 times
Sep 23 00:33:06 ares ftpsesame[15600]: drop: short capture
Sep 23 00:34:02 ares last message repeated 4 times
Sep 23 00:47:01 ares ftpsesame[15600]: drop: short capture
Sep 23 01:30:54 ares ftpsesame[15600]: drop: short capture
Sep 23 01:38:49 ares last message repeated 20 times
Sep 23 01:47:12 ares last message repeated 2 times
Sep 23 01:56:28 ares last message repeated 6 times
Sep 23 02:00:01 ares syslogd: restart
Sep 23 02:06:11 ares ftpsesame[15600]: drop: short capture
Sep 23 02:06:20 ares ftpsesame[15600]: drop: short capture
Sep 23 02:08:15 ares last message repeated 4 times
Sep 23 04:00:01 ares syslogd: restart
Sep 23 04:10:20 ares ftpsesame[15600]: drop: short capture
Sep 23 04:10:35 ares last message repeated 2 times
Sep 23 04:12:33 ares last message repeated 3 times
Sep 23 04:13:43 ares ftpsesame[15600]: drop: short capture
Sep 23 04:32:26 ares last message repeated 5 times
Sep 23 04:35:09 ares last message repeated 2 times
Sep 23 06:00:01 ares syslogd: restart
Sep 23 08:00:01 ares syslogd: restart
Sep 23 08:18:10 ares ftpsesame[15600]: drop: short capture
Sep 23 08:39:54 ares ftpsesame[15600]: drop: short capture
Sep 23 08:40:10 ares ftpsesame[15600]: drop: short capture
Sep 23 08:54:00 ares ftpsesame[15600]: drop: short capture
Sep 23 09:07:24 ares ftpsesame[15600]: drop: short capture
Sep 23 09:15:40 ares last message repeated 10 times
Sep 23 09:29:56 ares ftpsesame[15600]: drop: short capture

So, I've donwload the ftpsesame sources and search the concrete string:

$ grep -ir "short capture" *
ftpsesame.c:            logmsg(LOG_WARNING, "drop: short capture");

$ vim ftpsesame.c
[...]
 if (h->caplen != h->len) {
                logmsg(LOG_WARNING, "drop: short capture");
                return;
[...]

I understand that it's a basic check about the length of the processedpacket. Anyway, I'm not a coder... only a learner.


¿It's really a problem or a simply warning about malformed packets?

--
Thanks,
Jordi Espasa Clofent

ftpsesame 'drop: short capture'

Reply via email to