Some crappy systems seem to send out packets with very strange lenght
fields. In my particular case the IP length is 64 bytes (overall packet)
but the ospf length is 32 bytes and therefor 12 bytes short. The box seems
to add some crap as padding (I bet uninitialized memory).
Tcpdump does not like this situation and would not print the packet. I
changed the code to allow such padded ip packets (since ospfd accepts them
as well).
Comments, OKs?
--
:wq Claudio
Index: print-ospf.c
===================================================================
RCS file: /cvs/src/usr.sbin/tcpdump/print-ospf.c,v
retrieving revision 1.15
diff -u -p -r1.15 print-ospf.c
--- print-ospf.c 4 Aug 2010 16:47:01 -0000 1.15
+++ print-ospf.c 23 Feb 2011 13:38:42 -0000
@@ -520,15 +520,19 @@ ospf_print(register const u_char *bp, re
/* value. If it's not valid, say so and return */
TCHECK(op->ospf_type);
cp = tok2str(type2str, "type%d", op->ospf_type);
- printf(" OSPFv%d-%s %d:", op->ospf_version, cp, length);
+ printf(" OSPFv%d-%s ", op->ospf_version, cp);
if (*cp == 't')
return;
TCHECK(op->ospf_len);
- if (length != ntohs(op->ospf_len)) {
+ if (length < ntohs(op->ospf_len)) {
printf(" [len %d]", ntohs(op->ospf_len));
return;
- }
+ } else if (length > ntohs(op->ospf_len)) {
+ printf(" %d[%d]:", ntohs(op->ospf_len), length);
+ length = ntohs(op->ospf_len);
+ } else
+ printf(" %d:", length);
dataend = bp + length;
/* Print the routerid if it is not the same as the source */
