Re: [tcpdump-workers] [tcpdump] 7 tests fail on Ubuntu 11.10 (#33)

openssl-devel on a 64-bit system it should be run this way: ./configure --with-crypto --libdir=/usr/lib64 After that all tests pass. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca

Re: [tcpdump-workers] [PATCH] Decode DHCPv6 AFTR-Name option (RFC6334)

-- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] verbose decoding without assigned port number

a file which can be provided to map multiple ports at the same time. I'll look if that can be done quickly. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump

Re: [tcpdump-workers] verbose decoding without assigned port number

. I've got a working code and am producing a sample capture. The ZeroMQ decoding function is called from both tcp_print() and udp_print(), should I put it into an existing file or a new file? Which of license boilerplates then? -- Denis Ovsienko

Re: [tcpdump-workers] Couldn't parse filter scr port 22000: syntax error

   it output an error: Couldn't parse filter scr port 22000: syntax error scr port 22000 (mind the typo) -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump

Re: [tcpdump-workers] tcpdump 4.4 release candidate 1

.   Is that intentional? There are some fixes to the recent otv, vxlan and msnlb commits in tcpdump pull requests 56 and 57. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo

Re: [tcpdump-workers] -W options to gcc

to include -Wgcc-things when we are using gcc, and omit when we aren't. This is from autoconf documentation: Macro: AC_PROG_CC ([compiler-search-list]) [...] If using the GNU C compiler, set shell variable GCC to ‘yes’. -- Denis Ovsienko ___ tcpdump

Re: [tcpdump-workers] moves to github

now? -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] moves to github

that for the tcpdump issue you closed on GitHub with -W implements that.) Let's focus on having only one bug tracker, but a well-ordered one. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca

Re: [tcpdump-workers] moves to github

bugs will be labeled with the tag in the tcpdump repository and any new such issues should be opened in tcpdump-htdocs. I have enabled the issues feature for the tcpdump-htdocs repository and disabled the wiki feature for all 3 repositories (also checked that no wiki pages existed). -- Denis

Re: [tcpdump-workers] Missing packet fields in big endian with ath9k

. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] Missing packet fields in big endian with ath9k

a solid explanation for that. However, it is worth checking that the DLT_IEEE802_11_RADIO packets arrive well-formed in the first place. Does the current git master of tcpdump decode the same packets right? -- Denis Ovsienko ___ tcpdump-workers

[tcpdump-workers] review request: Babel and OpenFlow

List, I am looking for someone to review the commits in pull request #312, which I have opened. It contains a few improvements to existing Babel decoder and a new OpenFlow 1.0 decoder. Both pieces work fine for me, but if you see anything that should be fixed please let me know. -- Denis

[tcpdump-workers] tcpdump pull request #313 and libpcap dependency

-devel build job for the same period of time instead? -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] tcpdump pull request #313 and libpcap dependency

=false (with local server's libpcap-devel) Since Travis requires all jobs to complete to signal a successful build, commit f4d295e removes the 2nd job and the the only remaining job now passes (https://travis-ci.org/the-tcpdump-group/tcpdump/builds/7592044). -- Denis Ovsienko

Re: [tcpdump-workers] review request: Babel and OpenFlow

22.05.2013, 18:26, Denis Ovsienko infrastat...@yandex.ru: List, I am looking for someone to review the commits in pull request #312, which I have opened. It contains a few improvements to existing Babel decoder and a new OpenFlow 1.0 decoder. Both pieces work fine for me, but if you see

Re: [tcpdump-workers] Adding support for ETSI GeoNetworking network and BTP transport protocol

and an estimate of who else could find this feature useful? Thank you. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] Adding support for ETSI GeoNetworking network and BTP transport protocol

of nodes on motorways in Germany, Austria and The Netherlands. Thanks, now I see. Looking forward to see the patches/commits! -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo

Re: [tcpdump-workers] Adding support for ETSI GeoNetworking network and BTP transport protocol

comments to the commit. May be somebody else is willing to review as well? -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] Adding support for ETSI GeoNetworking network and BTP transport protocol

List, is anybody else willing to review this pull request? https://github.com/the-tcpdump-group/tcpdump/pull/324 These are quite small decoders, but I'm not familiar with the field and quite busy until the weekend. -- Denis Ovsienko ___ tcpdump

Re: [tcpdump-workers] [Patch] print-nfs.c

then? The function returns either 0 or -1 and the only calling function checks the result to be = 0. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] [Patch] print-nfs.c

11.07.2013, 16:36, Gisle Vanem gva...@broadpark.no: Denis Ovsienko infrastat...@yandex.ru wrote:  10.07.2013, 15:18, Gisle Vanem gva...@broadpark.no:  'int32_t' isn't 'int' for all targets. Some Windows targets have  it defined as 'signed int' in win32/Include/bittypes.h. So print-nfs.c

[tcpdump-workers] OpenSSL deprecation warnings on MacOS

’ is deprecated (declared at /usr/include/openssl/md5.h:114) ./signature.c:110: warning: ‘MD5_Update’ is deprecated (declared at /usr/include/openssl/md5.h:114) ./signature.c:111: warning: ‘MD5_Final’ is deprecated (declared at /usr/include/openssl/md5.h:115) -- Denis Ovsienko

Re: [tcpdump-workers] OpenSSL deprecation warnings on MacOS

include file for more examples. [...] Thank you, let me study this solution. BTW, in FreeRADIUS the USES_APPLE_RST macro is never used. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca

Re: [tcpdump-workers] [tcpdump] IEEE float decoded incorrectly (#333)

with assumptions about x86 SSE. and I think we might find more expertise on the list. List, Dmitrij Tejblum solved this with the -ffloat-store GCC flag. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https

[tcpdump-workers] June 10, 2012 in the change logs

, 2012/June 10, 2012. m...@sandelman.ca. +Friday April 3, 2012. m...@sandelman.ca. If the (now removed) 2nd date meant something important, I can make it into all files consistently. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump

[tcpdump-workers] BPF optimization visualized

issues debugging.) Thank you. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

[tcpdump-workers] on compiler optimizations and security

in the source code of tcpdump. Even if subsequent 15 pages of the analysis don't apply, it may make sense to study the solutions the paper suggests. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https

[tcpdump-workers] on NFS decoding improvements

that the output format must be retained. Thank you. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

[tcpdump-workers] FYI: tcpdump bug tracker(s) mapping

| +-+-+-+ -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] FYI: tcpdump bug tracker(s) mapping

07.11.2013, 18:36, Denis Ovsienko infrastat...@yandex.ru: List, the table below lists all tcpdump issues (bugs, tickets) migrated from SourceForge to GitHub earlier. SF old# is a tracker artifact ID that SourceForge used to assign until 2013. SF new# is a tracker type+ID in use since 2013

Re: [tcpdump-workers] tcpdump configure error with pcap_loop... no

clean all passes in libpcap directory later I checked again on the tcpdump side and the issue had vanished. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump

[tcpdump-workers] RCS/CVS keywords ($Id$, $Header$, $OpenBSD$ etc)

dates any later than end of 2008. That said, I see sense in preserving/converting the IDs that indicate the origin/relation of the source code, for example: /* $NetBSD: print-ah.c,v 1.4 1996/05/20 00:41:16 fvdl Exp $*/ Would anybody object on this change? -- Denis Ovsienko

Re: [tcpdump-workers] RCS/CVS keywords ($Id$, $Header$, $OpenBSD$ etc)

02.01.2014, 02:41, Michael Richardson m...@sandelman.ca: Denis Ovsienko infrastat...@yandex.ru wrote:  It seems to be OK to just remove the lines that essentially state this  file is a part of the tcpdump source tree and is original to it, for  example:  #ifndef lint static const char rcsid

Re: [tcpdump-workers] netmap support for libpcap now available

/netmap/source/browse/extra/libpcap-netmap.diff which works against a recent (Jan11) libpcap version from github Hi Luigi. Why not open a pull request to queue this change for a review and merge? -- Denis Ovsienko ___ tcpdump-workers mailing list

Re: [tcpdump-workers] how can i access tsval from tcp options?

are a particular case of TLV class of encodings. This most likely implies that TCP options are opaque to libpcap. To access one or more TCP options it is necessary to have some code like that in tcpdump, print-tcp.c around line 500. -- Denis Ovsienko

Re: [tcpdump-workers] buildbot failure in tcpdump+libpcap on Solaris-10-SPARC

This is due to my yesterday work. I have just committed a change that should fix the build. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] how to tell tcpdump only to capture packets that go throught iptables

 after i setup several iptables rules for icmp. Mere counting is possible even without tcpdump: each iptables rule has counters for bytes and packets (iptables -vnL INPUT). -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers

Re: [tcpdump-workers] buildbot failure in tcpdump+libpcap on Solaris-10-SPARC

fatal: unable to connect to bpf.tcpdump.org: bpf.tcpdump.org[0: 132.213.238.6]: errno=Connection timed out bpf.tcpdump.org[1: 2001:4830:116e:2::6]: errno=Network is unreachable --      Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers

Re: [tcpdump-workers] buildbot failure in tcpdump+libpcap on Ubuntu-12.04-x64

 http://buildbot.wireshark.org/tcpdump/builders/Ubuntu-12.04-x64/builds/706 This crept in because I tested yesterday's changes without libsmi. Now the issue should be gone. --      Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers

Re: [tcpdump-workers] tcpdump configure error with pcap_loop... no

30.12.2013, 18:08, Denis Ovsienko infrastat...@yandex.ru: 23.12.2013, 21:48, Evgheni Antropov aid...@gmail.com:   Hello I have try to compile tcpdump-4.5.1.tar.gz with libpcap-1.5.2.tar.gz    and receive following error:   checking for pcap-config... /usr/local/bin/pcap-config   checking

[tcpdump-workers] uint_XX_t, u_int_XX_t and NFLOG test case

. Other opinions are welcome. --      Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] tcpdump and libpcap releases, and future thoughts

understand the primary pro et contra of this change, but a positive side effect of this would be that the new subdir would make it easier to apply uniform updates specifically to printers' source code. Right now it is easy to miss a few .c/.h files when trying to do a uniform update. -- Denis

Re: [tcpdump-workers] tcpdump and libpcap releases,    and future thoughts

distribute command-line options. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] Broken links for two Bluetooth DLTs

. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

[tcpdump-workers] v5 and v6 NetFlow captures needed

List, if anyone can contribute NetFlow v5 and/or v6 captures to fix a bug in tcpdump, could you make a comment in the following ticket? https://github.com/the-tcpdump-group/tcpdump/issues/18 Thank you. -- Denis Ovsienko ___ tcpdump-workers

Re: [tcpdump-workers] Official patches for CVE-2014-8767/CVE-2014-8768/CVE-2014-8769?

-only choice between the two will become again purely theoretical and a matter of taste. A weekly backup of bpf.tcpdump.org on top of that will bring a complete peace of mind. Does that sound reasonable? -- Denis Ovsienko ___ tcpdump-workers mailing

Re: [tcpdump-workers] bpf.tcpdump.org vs github

for no gain. If instead the copies get converged first and then new commits go to one copy only, the other copy will always enjoy fast-forward pulls, making it possible to run git-pull every 15 minutes from crontab. -- Denis Ovsienko ___ tcpdump-workers

Re: [tcpdump-workers] RFC: DLT for application TCP stream capture

of sockets (in TCP these two things are the same), so a stream_id field in the encoding (0 for TCP and UDP) could be handy for SCTP payload representation. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https

Re: [tcpdump-workers] odd issue with Linux VLAN interface

#262144 -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] odd issue with Linux VLAN interface

file it if it helps. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

[tcpdump-workers] odd issue with Linux VLAN interface

of tcpdump on kernel 3.13.0-44-generic #73-Ubuntu SMP. Not sure if I will get to find the reason myself, but if anybody sees this as a duplicate of or an additional input for one of the known bugs, please let me know. -- Denis Ovsienko ___ tcpdump-workers

Re: [tcpdump-workers] odd issue with Linux VLAN interface

On Wed, 28 Jan 2015 01:20:26 + Michael Richardson wrote Denis Ovsienko de...@ovsienko.info wrote: The host has an Ethernet interface with only an IPv6 link-local address (eth0). On top of it there is a VLAN interface with VID 75 (eth0.75), IPv6 link-local address and IPv4

Re: [tcpdump-workers] Pending pull request #378

the changes to make the most obvious and straightforward ones first. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

[tcpdump-workers] LINUX_SLL2

, please try to respond to the list. Thank you. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] LINUX_SLL2 - TEST REPLY

On the cornercase offchance that the failure is caused by my MUA (claws-mail), here's a reply from mutt instead. It made it to the list. Don't change anything until you have defended your proposal. -- Denis Ovsienko ___ tcpdump-workers mailing

Re: [tcpdump-workers] [libpcap] New DLT value Request - Wattstopper DLM (#401)

code much later. Thank you. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] buildbot failure in OpenCSW Buildbot on tcpdump-solaris10-sparcv9

On Sun, 22 Mar 2015 10:27:34 + wrote The Buildbot has detected a failed build on builder tcpdump-solaris10-sparcv9 while building tcpdump. It was my mistake, now it has been fixed. -- Denis Ovsienko ___ tcpdump-workers mailing

Re: [tcpdump-workers] LINUX_SLL2

On Sun, 15 Feb 2015 19:34:37 + Paul LeoNerd Evansleon...@leonerd.org.uk wrote On Tue, 13 Jan 2015 00:29:43 +0200 Denis Ovsienko de...@ovsienko.info wrote: List, there is an idea to improve libpcap and tcpdump to enable the latter to print interface name

Re: [tcpdump-workers] how many stable branches to have

to spend their own time on the problem and to contribute the solution. This would be within the typical expectations from an Open Source software project and the developers would still be free to walk an extra mile when/if they want. -- Denis Ovsienko

Re: [tcpdump-workers] buildbot success in OpenCSW Buildbot on tcpdump-solaris10-i386

>Blamelist: Guy Harris <g...@alum.mit.edu> > >Build succeeded! Thank you for fixing this, my Internet link went down shortly after I started to look into the failure report. -- Denis Ovsienko ___ tcpdump-workers mailing list

Re: [tcpdump-workers] buildbot failure in OpenCSW Buildbot on tcpdump-solaris10-i386

BUILD FAILED: failed shell_2 This was expected, the next commit fixed it. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] [pcap-ng-format] comments/edits on pcapng

ges of text overall), in its terms the practice currently established on tcpdump-workers@ is between "Expert Review" and "Specification Required" (the time available for review and requestor's motivation seeming to make the difference). Maybe it would make sense to dec

[tcpdump-workers] posix_fadvise()

if the gain is ever visible with present day hardware and OSes? -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] Disable address/name resolution in libpcap

to be able to pre-test without DNS, the filter must be changed to use no hostnames. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] Disable address/name resolution in libpcap

seem to find it. "-n" is an option to tcpdump only, libpcap works the same way with and without it. The only case where DNS may be involved in libpcap is if the filter contains hostnames, which would need to be translated to addresses first to compile the filter. Could you post an exam

Re: [tcpdump-workers] GUE (UDP encapsulation) pull request

l request. Cheers! -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] tcpdump logo on GitHub

>https://framapic.org/Z2wN2FpnyNPg/QTrxHAaMFGwG.png I have just uploaded it, thank you. Looks fine but you may want to make the background transparent to make it even better. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-work

Re: [tcpdump-workers] [the-tcpdump-group/tcpdump] Added RADIUS attributes from RFC 5447 (#636)

ng) -- it just copies the error in the registry allocation. I do not see a good way to accept both encodings for this attribute, given the way each encoding is defined. Are you aware of any other code that has copied this error, especially in the network devices firmware? -- Deni

[tcpdump-workers] Fwd: about bits and frequencies

Let's see if my message makes it through the filters this time... Forwarded message From : Denis Ovsienko To : "tcpdump-workers" Date : Tue, 24 Jul 2018 14:07:58 +0100 Subject : about bits and frequencies Forwarded message &g

Re: [tcpdump-workers] if anyone wanted to practice fixing compiler warnings in tcpdump...

On Mon, 30 Jul 2018 02:08:51 +0100 Guy Harris wrote > On Jul 29, 2018, at 5:48 AM, Denis Ovsienko wrote: > > > Building (configure+gcc) tcpdump master branch with libpcap 0.6.1 yields > > the following compiler warnings, some of which are as

[tcpdump-workers] if anyone wanted to practice fixing compiler warnings in tcpdump...

_builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, ^~~~ __bos (__s), __fmt, __va_arg_pack ()); ~~~~~ -- Denis Ovsienko ___ tcpdump-wor

Re: [tcpdump-workers] [RFC TCPDUMP PATCH 2/2] Add sll_ifindex into sll_header + use it to print ifname

On Fri, 13 Jul 2018 08:40:47 +0100 Denis Ovsienko wrote > On Thu, 12 Jul 2018 20:38:08 +0100 Guy Harris > wrote > > On Jul 12, 2018, at 11:33 AM, Petr Vorel wrote: > > > > > +#ifdef PCAP_SUPPORT_SLL_V2 > &g

Re: [tcpdump-workers] Should the tcpdump tests be run with TZ=GMT0, or should the AFS printer print time stamps in UTC?

just change it to use gmtime() rather than localtime(). > > I think an user prefer have the local time. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] Should the tcpdump tests be run with TZ=GMT0, or should the AFS printer print time stamps in UTC?

On Sun, 05 Aug 2018 14:12:31 +0100 Francois-Xavier Le Bail wrote > On 05/08/2018 14:46, Denis Ovsienko wrote: > > On Sat, 04 Aug 2018 08:41:10 +0100 Francois-Xavier Le Bail > > wrote > > > On 04/08/2018 09:03, Guy Harris wrote: > >

[tcpdump-workers] PCAP_ERROR/PCAP_ERROR_BREAK or -1/-2?

consistently in all man pages? -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] PCAP_ERROR/PCAP_ERROR_BREAK or -1/-2?

On Wed, 25 Jul 2018 09:11:23 +0100 Guy Harris wrote > On Jul 25, 2018, at 12:57 AM, Denis Ovsienko wrote: > > > Roughly a half of the libpcap man pages text uses the values -1 and -2 to > > discuss the return value of particular libpcap functions, the oth

Re: [tcpdump-workers] Should the tcpdump tests be run with TZ=GMT0, or should the AFS printer print time stamps in UTC?

On Sun, 05 Aug 2018 18:21:47 +0100 John Hawkinson wrote > Denis Ovsienko wrote on Sun, 5 Aug 2018 > at 17:05:20 +0100 in > <1650ad5fd29.b5d2798f311917.536858429581803...@ovsienko.info>: > > > It works in an interactive session; but as

Re: [tcpdump-workers] Should the tcpdump tests be run with TZ=GMT0, or should the AFS printer print time stamps in UTC?

On Mon, 06 Aug 2018 09:51:36 +0100 John Hawkinson wrote > Denis Ovsienko wrote on Mon, 6 Aug 2018 > at 09:42:16 +0100 in > <1650e66b5ad.12b3ab99e15597.8336631397456496...@ovsienko.info>: > > > When a network protocol has a timestamp and

Re: [tcpdump-workers] Should the tcpdump tests be run with TZ=GMT0, or should the AFS printer print time stamps in UTC?

ts_date_hmsfrac_print() as well, if time_flag isn't > LOCAL_TIME? Looks like so. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] Packet sanitization and IP masking (PR #615)

ure each time they need a different mask length. I agree in some cases it is best to mask the endpoints right at the capture time, but do you see the use case for offline masking (as in "tcpdump -r infile.pcap -w outfile.pcap ")? -- Denis Ovsienko

Re: [tcpdump-workers] issue with -e in IEEE802_11_RADIO mode

hdr = (const struct ieee80211_radiotap_header > *)p; > +len = > EXTRACT_LE_16BITS(>it_len); > + > + hdrlen = ieee802_11_radio_print(ndo, p, h->len, > h->caplen); > + if (nd

Re: [tcpdump-workers] [tcpdump] Truncated strings

ors (forgetting...). > > Could we do things differently ? With things done this way it looks like this issue could happen, although it would result in incorrect labeling, not incorrect behaviour. A possible solution could be some stack structure and a macro to call the next function, which m

Re: [tcpdump-workers] [RFC TCPDUMP PATCH 2/2] Add sll_ifindex into sll_header + use it to print ifname

On Fri, 13 Jul 2018 08:40:47 +0100 Denis Ovsienko wrote > On Thu, 12 Jul 2018 20:38:08 +0100 Guy Harris > wrote > > On Jul 12, 2018, at 11:33 AM, Petr Vorel wrote: > > > > > +#ifdef PCAP_SUPPORT_SLL_V2 > &g

[tcpdump-workers] fixing -Wformat-truncation

-truncation-with-gcc-8 -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] About LINKTYPE_LINUX_SLL / LINKTYPE_LINUX_SLL2

length, as Guy mentioned a couple days ago. > Should we add that the padding is done with '\0' bytes ? As far as encodings typically go, if the padding bytes are always discarded, it does not make difference. But it will not hurt to say the customary "MBZ". -- Denis Ovsienko ___

Re: [tcpdump-workers] [tcpdump-security] [libpcap] Problem with version 1.9.0

use cmake to build any software, so this is my interpretation, feel free to correct. Perhaps if someone had written down, in plain English, which specific steps it takes to compile tcpdump/libpcap, it would be easier to see if it can be done with a simple shell script. -- Denis Ovsienko

[tcpdump-workers] about pcap_set_protocol()

to the master branch in June 2017 (libpcap pull request #595) and it has not made it into a libpcap release yet. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump

Re: [tcpdump-workers] about pcap_set_protocol()

On Wed, 11 Jul 2018 06:14:41 +0100 Francois-Xavier Le Bail wrote > On 11/07/2018 04:15, Guy Harris wrote: > > On Jul 10, 2018, at 1:31 AM, Denis Ovsienko wrote: > > > >> I have been looking at the man page for pcap_set_protocol() for some > >

Re: [tcpdump-workers] LINKTYPE_LINUX_SLL2 implementation (libpcap & tcpdump)

are easy to state but difficult to solve, so I would suggest to focus on a working prototype first, then the required props around it can be added as necessary. So far it is a well documented solution that does not exist. -- Denis Ovsienko __

Re: [tcpdump-workers] LINKTYPE_LINUX_SLL2 implementation (libpcap & tcpdump)

on a 4-octet boundary; I'm going > to update the LINKTYPE_LINUX_SLL2 specification to put a 2-byte reserved > field after it. Could the 4-octet field (ifindex) be at the beginning? -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdum

Re: [tcpdump-workers] [RFC LIBPCAP PATCH 0/1] LINKTYPE_LINUX_SLL2 implementation

essions, whether parallel or consecutive. But far from convenient. As one of the maintainers, having looked through the commits I am convinced I would not be able to do this anytime soon. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-worker

Re: [tcpdump-workers] [RFC TCPDUMP PATCH 2/2] Add sll_ifindex into sll_header + use it to print ifname

ding right now. > Perhaps this should be done *only* for live captures, *not* for reading > savefiles. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] base directory for bluez

R Myricom SNF library directory, if not DIR/lib Do you think the same would work best for cross-compiling with bluetooth support? On a related note, since libpcap now uses both configure and cmake, the change to the options should be made in a similar way in bo

[tcpdump-workers] proposed change: make tcpdump -n and tcpdump -nn behave differently

. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] [tcpdump] Remove --enable-smb/--disable-smb configure options ?

e to remove --enable-smb/--disable-smb (enable possibly-buggy SMB > printer) code ? To me the flag mainly serves as a reminder to merge tcpdump pull request #518. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org

Re: [tcpdump-workers] CVE-2018-19519 ("a stack-based buffer over-read exists in the print_prefix function of print-hncp.c")

eone looking at it? Both the report and the CVE allocation are duplicate. The reporter decided to jump ahead. The problem will be fixed. -- Denis Ovsienko ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

[tcpdump-workers] Re: Pcap debug at runtime

nused DSOs helpdisplay this help message and exit To direct the debugging output into a file instead of standard output a filename can be specified using the LD_DEBUG_OUTPUT environment variable. -- Denis Ovsienko ___ tcpdump-workers mailing

[tcpdump-workers] Tru64 UNIX

resources to enable such support, please shout before long. Otherwise notions of Tru64/Digital/OSF will be removed where they get in the way of present day development and maintenance. The OS vendor finished Tru64 support 10 years ago. -- Deni

[tcpdump-workers] Re: TCP Header Flags

users ever reads any documentation that comes directly with the software. It would be better to have some other problems solved before looking at this discrepancy again. Specifically, I wonder if it would be practicable to process all remaining longj

  1   2   3   >