Bug#414622: tcpreplay: tcprewrite says skipping packet but doesn't

2007-06-17 Thread Noèl Köthe 
tags 414622 + upstream
forwarded 414622 http://tcpreplay.synfin.net/trac/ticket/183
thanks

Am Montag, den 12.03.2007, 22:55 +0200 schrieb Niko Tyni:

Hello Niko,


 Looking at the code, there's no check for tcpedit_packet() returning zero.
 The attached patch works for me, and makes tcprewrite really skip the
 packets that are too big.
 
 Please consider including the patch.

Thanks for the patch. I forwarded it to the upstream author.

-- 
Noèl Köthe noel debian.org
Debian GNU/Linux, www.debian.org


signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil

Bug#414622: tcpreplay: tcprewrite says skipping packet but doesn't

2007-03-12 Thread Niko Tyni 
Package: tcpreplay
Version: 2.99+3.0.beta11-3
Severity: normal
Tags: patch

Hi,

as explained in #414613, I'm rewriting DLT_RAW pcap files into DLT_EN10MB
ones. The input files have IP packets longer than the default Ethernet
MTU (~1500 bytes).  This is recognized by tcprewrite (with the patch
from #414613 to make the '--dlt' option work):

% tcpdump -n -r ~/ulogd.pcap 
reading from file /home/niko/ulogd.pcap, link-type RAW (Raw IP)
22:09:27.498937 IP 192.168.1.6  192.168.1.1: ICMP echo request, id 49474, seq 
1, length 64
22:09:28.497930 IP 192.168.1.6  192.168.1.1: ICMP echo request, id 49474, seq 
2, length 64
22:09:29.496935 IP 192.168.1.6  192.168.1.1: ICMP echo request, id 49474, seq 
3, length 64
22:09:33.319169 IP 192.168.1.6  192.168.1.1: ICMP echo request, id 50242, seq 
1, length 2008
22:09:34.320310 IP 192.168.1.6  192.168.1.1: ICMP echo request, id 50242, seq 
2, length 2008

% tcprewrite --dlink=ff,ff,de,ad,be,ef,00,00,de,ad,be,ef,08,00 --dlt=1 -i 
~/ulogd.pcap -o ~/ethernet.pcap
Packet length (2042) is greater then MTU (1514); skipping packet.
Packet length (2042) is greater then MTU (1514); skipping packet.

Surprisingly, the 'skipping packet' part isn't actually true: tcprewrite
is outputting the raw packet rather than skipping it.

% tcpdump -e -n -r ~/ethernet.pcap
22:09:27.498937 00:00:de:ad:be:ef  ff:ff:de:ad:be:ef, ethertype IPv4 (0x0800), 
length 98: 192.168.1.6  192.168.1.1: ICMP echo request, id 49474, seq 1, 
length 64
22:09:28.497930 00:00:de:ad:be:ef  ff:ff:de:ad:be:ef, ethertype IPv4 (0x0800), 
length 98: 192.168.1.6  192.168.1.1: ICMP echo request, id 49474, seq 2, 
length 64
22:09:29.496935 00:00:de:ad:be:ef  ff:ff:de:ad:be:ef, ethertype IPv4 (0x0800), 
length 98: 192.168.1.6  192.168.1.1: ICMP echo request, id 49474, seq 3, 
length 64
22:09:33.319169 00:00:40:01:bf:9d  45:00:07:ec:30:1c, ethertype Unknown 
(0xc0a8), length 2028: 
0x:  0106 c0a8 0101 0800 00cc c442 0001 7db3  ...B..}.
[etc.]

Looking at the code, there's no check for tcpedit_packet() returning zero.
The attached patch works for me, and makes tcprewrite really skip the
packets that are too big.

Please consider including the patch.

Cheers,
-- 
Niko Tyni   [EMAIL PROTECTED]
--- tcpreplay-2.99+3.0.beta11/src/tcprewrite.c
+++ tcpreplay-2.99+3.0.beta11/src/tcprewrite.c
@@ -200,6 +200,7 @@
 struct pcap_pkthdr *pkthdr = NULL;  /* packet header */
 const u_char *pktdata = NULL;   /* packet from libpcap */
 COUNTER packetnum = 0;
+int ret;
 
 /* MAIN LOOP 
  * Keep sending while we have packets or until
@@ -228,8 +229,10 @@
 if (cache_result == CACHE_NOSEND)
 goto WRITE_PACKET; /* still need to write it so cache stays in sync */
 
-if (tcpedit_packet(tcpedit, pkthdr, (u_char**)pktdata, cache_result) == -1) {
+if ((ret = tcpedit_packet(tcpedit, pkthdr, (u_char**)pktdata, cache_result)) == -1) {
 return -1;
+} else if (ret == 0) {
+continue;
 }