summaryrefslogtreecommitdiff
path: root/usr.sbin/tcpdump
AgeCommit message (Collapse)Author
2004-04-29a slight polishing...Theo de Raadt
2004-04-29unused variables; ok mcbrideTheo de Raadt
2004-04-28Fix fd leaks.Can Erkin Acar
Found by and ok deraadt@
2004-04-28Make tcpdump print carp as carp. Printing vrrp can be forced with -T vrrp.Ryan Thomas McBride
ok markus@ pb@
2004-04-23Silence getopt() in the priv process. ok canacar@ henning@Otto Moerbeek
2004-04-14Don't forget to move to STATE_RUN if the -w output file is stdout.Otto Moerbeek
ok canacar@
2004-04-13Cleanup and more careful payload parsing.Hans-Joerg Hoexer
ok ho@
2004-04-08only close fd if its valid, from Moritz Jodeit <moritz at jodeit.org>Anil Madhavapeddy
canacar@ ok
2004-04-08In error message, use saved errno, not current errno.Anil Madhavapeddy
From Moritz Jodeit <moritz at jodeit.org>
2004-04-07Fix bounds check for printing of ip6 options. Similar fix in tcpdumpOtto Moerbeek
3.8.1. From Greg Taleck <taleck at oz dot net>, with twist from me to keep diffablility.
2004-04-06Print DELETE payload contents. ok markus@.Hakan Olsson
2004-04-03- dont send junk err in parent_open_dump() if filename is NULLAnil Madhavapeddy
- dont close an invalid fd canacar@ ok
2004-03-22Add support for PFSYNC_ACT_BUS. (Bulk Update Status)Ryan Thomas McBride
ok deraadt@
2004-03-19Remove errant ';' from end of for() statement. deraadt@ okAaron Campbell
2004-03-15if (foo); ok aaron@Damien Miller
2004-03-14Check return code of chdir() after chroot(); noted by Joris Vink, slight modOtto Moerbeek
from avsm@. ok avsm@ hshoexer@ henning@
2004-03-12Check payload size more carefully when printing ike messages. Identified byHans-Joerg Hoexer
cloder@. ok ho@ otto@ cloder@
2004-02-20Print ifname in PFSYNC_ACT_CLR message if present.Ryan Thomas McBride
2004-02-15string.h for memsetJolan Luff
2004-02-14KNFHakan Olsson
2004-02-14Fix DOI select logic, which was broken for IKE vendors that sends non-zeroHakan Olsson
spi_size in their phase 1 proposals, such as some DLink VPN routers. Also replace u_char with u_int8_t. markus@, hshoexer@ ok.
2004-02-13Print protocol and service numbers correctly when -n switch is specified.Can Erkin Acar
reported by mcbride@ ok otto@ mcbride@
2004-02-10Make pfsync printing consistent with rest of tcpdump regarding newlines,Ryan Thomas McBride
pass -vv in to pf_print_state(), and print update count where appropriate.
2004-02-10Make pfsync work correctly with IP options on 64-bit alignmentRyan Thomas McBride
sensitive CPUs. Pointed out by deraadt@.
2004-02-05Don't print two confusing error messages, print a single clear one.Otto Moerbeek
ok deraadt@ hshoexer@ avsm@
2004-02-04Better error message when bpf device open fails.Otto Moerbeek
ok dhartmei@ brad@
2004-02-04Some more non-alignment problems resolved.Otto Moerbeek
ok deraadt@
2004-02-02Do away with non-aligned memory accesses.Otto Moerbeek
ok deraadt@ hshoexer@
2004-01-31general cleanup and better SIGCHLD handling from millert@Otto Moerbeek
ok canacar@
2004-01-28privilege separated tcpdump, joint work with otto@Can Erkin Acar
tested by avsm@ vincent@ dhartmei@ markus@ hshoexer@ and others go for it deraadt@
2004-01-22802.3X pretty printer (dead simple)Jason Wright
jakob@: "seems reasonable"
2004-01-21Increment the right pointers, so we don't print the same entries repeatedly.Ryan Thomas McBride
2004-01-21Clean up pfsync output: print source address by default, pass -vv correctlyRyan Thomas McBride
to pf_print_state(), and other minor cleanup.
2004-01-20If you go through the trouble of caching the name of the last printedOtto Moerbeek
rpc num, you might as well use it later too. ok canacar@
2004-01-18Sync print-domain with tcpdump.org; avoids tcpdump barfing on bogusOtto Moerbeek
DNS traffic. ok canacar@ jakob@
2004-01-15Input should be atleast an isakmp_header long. otto@, markus@ ok.Hakan Olsson
2004-01-15print tcpmd5 signature options; with/ok itojunMarkus Friedl
2004-01-10Avoid duplication of code; handle truncated packets properly; useOtto Moerbeek
fn_print to print strings. Joint work with & ok canacar@.
2004-01-09Avoid messing up the screen by non-printable chars in hostname +Otto Moerbeek
sync with tcpdump.org. ok canacar@
2004-01-04zap unused variable; ok mcbridePeter Valchev
2003-12-31Many improvements to the handling of interfaces in PF.Cedric Berger
1) PF should do the right thing when unplugging/replugging or cloning/ destroying NICs. 2) Rules can be loaded in the kernel for not-yet-existing devices (USB, PCMCIA, Cardbus). For example, it is valid to write: "pass in on kue0" before kue USB is plugged in. 3) It is possible to write rules that apply to group of interfaces (drivers), like "pass in on ppp all" 4) There is a new ":peer" modifier that completes the ":broadcast" and ":network" modifiers. 5) There is a new ":0" modifier that will filter out interface aliases. Can also be applied to DNS names to restore original PF behaviour. 6) The dynamic interface syntax (foo) has been vastly improved, and now support multiple addresses, v4 and v6 addresses, and all userland modifiers, like "pass in from (fxp0:network)" 7) Scrub rules now support the !if syntax. 8) States can be bound to the specific interface that created them or to a group of interfaces for example: - pass all keep state (if-bound) - pass all keep state (group-bound) - pass all keep state (floating) 9) The default value when only keep state is given can be selected by using the "set state-policy" statement. 10) "pfctl -ss" will now print the interface scope of the state. This diff change the pf_state structure slighltly, so you should recompile your userland tools (pfctl, authpf, pflogd, tcpdump...) Tested on i386, sparc, sparc64 by Ryan Tested on macppc, sparc64 by Daniel ok deraadt@ mcbride@
2003-12-28Unbreak tree by using correct PFSYNC_ACT_UREQ #define.Ryan Thomas McBride
Also remove unused hlen variable.
2003-12-28Add a new PFSYNC_ACT_UREQ message type.Ryan Thomas McBride
A pfsync system which recieves a partial update for a state it cannot find can now request a full version of the update, and insert it. pfsync'd firewalls now converge more gracefully if one is missing some states (due to reset, lost insert packets, etc).
2003-12-27Zero out the pf_state struct before filling it with data from theRyan Thomas McBride
pfsync_state struct.
2003-12-22Fix unbounded recursion and an unsigned/signed mixup. Resolves PR 3610.Otto Moerbeek
ok deraadt@ millert@
2003-12-19Argh. Calculate the length really, really correctly.Ryan Thomas McBride
2003-12-19Calculate the length of the captured pfsync payload correctly when printingRyan Thomas McBride
pfsync packets recieved on the wire. Prevents printing of giberish states with snaplen smaller than the mtu of syncif on the sender, and probably other ungoodness.
2003-12-18Recognize NAT-D and NAT-OA payloads. markus@ ok.Hakan Olsson
2003-12-17Change pfsync IP protocol and multicast group numbers.Ryan Thomas McBride
IPPROTO_PFSYNC -> 240 INADDR_PFSYNC_GROUP -> 224.0.0.240 ok deraadt@
2003-12-15Add initial support for pf state synchronization over the network.Ryan Thomas McBride
Implemented as an in-kernel multicast IP protocol. Turn it on like this: # ifconfig pfsync0 up syncif fxp0 There is not yet any authentication on this protocol, so the syncif must be on a trusted network. ie, a crossover cable between the two firewalls. NOTABLE CHANGES: - A new index based on a unique (creatorid, stateid) tuple has been added to the state tree. - Updates now appear on the pfsync(4) interface; multiple updates may be compressed into a single update. - Applications which use bpf on pfsync(4) will need modification; packets on pfsync no longer contains regular pf_state structs, but pfsync_state structs which contain no pointers. Much more to come. ok deraadt@
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-07 06:56:56 +0000