summaryrefslogtreecommitdiff
path: root/usr.sbin/tcpdump
AgeCommit message (Collapse)Author
2003-12-22Fix unbounded recursion and an unsigned/signed mixup. Resolves PR 3610.Otto Moerbeek
ok deraadt@ millert@
2003-12-19Argh. Calculate the length really, really correctly.Ryan Thomas McBride
2003-12-19Calculate the length of the captured pfsync payload correctly when printingRyan Thomas McBride
pfsync packets recieved on the wire. Prevents printing of giberish states with snaplen smaller than the mtu of syncif on the sender, and probably other ungoodness.
2003-12-18Recognize NAT-D and NAT-OA payloads. markus@ ok.Hakan Olsson
2003-12-17Change pfsync IP protocol and multicast group numbers.Ryan Thomas McBride
IPPROTO_PFSYNC -> 240 INADDR_PFSYNC_GROUP -> 224.0.0.240 ok deraadt@
2003-12-15Add initial support for pf state synchronization over the network.Ryan Thomas McBride
Implemented as an in-kernel multicast IP protocol. Turn it on like this: # ifconfig pfsync0 up syncif fxp0 There is not yet any authentication on this protocol, so the syncif must be on a trusted network. ie, a crossover cable between the two firewalls. NOTABLE CHANGES: - A new index based on a unique (creatorid, stateid) tuple has been added to the state tree. - Updates now appear on the pfsync(4) interface; multiple updates may be compressed into a single update. - Applications which use bpf on pfsync(4) will need modification; packets on pfsync no longer contains regular pf_state structs, but pfsync_state structs which contain no pointers. Much more to come. ok deraadt@
2003-11-08Return proper anchor rule number in correct byte order.Daniel Hartmeier
From Pyun YongHyeon. ok henning@, canacar@
2003-11-08typos from Jonathon Gray;Jason McIntyre
2003-11-08Print "|pfsync" if the packet is truncated, not "|pflog".Ryan Thomas McBride
2003-11-05Make tcpdump -x work with pfsync.Ryan Thomas McBride
ok dhartmei@
2003-11-02- newline before printing first state (so they all line up and the firstRyan Thomas McBride
state doesn't wrap) - No need to print the rule number, that's included in the -v output. ok dhartmei@ canacar@
2003-10-12Default snaplen is 96 not 68, from Pyun YongHyeon, ok deraadt@Daniel Hartmeier
2003-10-12Make it compile without INET6, from Max Laier, ok deraadt@Daniel Hartmeier
2003-09-25- simplify macrosJason McIntyre
- sort options - typos and formatting improvements - sync usage() and SYNOPSIS
2003-09-08Fix 'tcpdump -v icmp' endianess buglet, print ID in hex.Cedric Berger
Found by ho@, help/test pb@, hex suggestion/ok deraadt@
2003-09-04put escapes in the right place;Jason McIntyre
(i.e. stuff I got wrong the first time, or missed) this includes some .Cd's with missing quotes and .Nm abuse in man4;
2003-09-02escape punctuation; (and a nit in openssl.1)Jason McIntyre
ok deraadt@
2003-08-28tweak;Jason McIntyre
ok frantzen@
2003-08-21print the operating system of TCP SYN packets with the -o optionMike Frantzen
2003-07-17add support for ESP decryption; ok deraadt@; feedback mickey@;Markus Friedl
many manpage fixes from jmc@
2003-07-14macro fixes;Jason McIntyre
2003-07-08print ip_{src,dst} again; ok henning@Markus Friedl
2003-06-26ansi and protosTheo de Raadt
2003-06-21#ifdef INET6Daniel Hartmeier
2003-06-21count packets and bidirectionally on state entries, allowing for fine-grainedDamien Miller
traffic reporting w/ pfsync; ok dhartmei@ Note: ABI change (new fields in struct pf_state), requires a rebuild of pfctl and tcpdump.
2003-06-12- section reorderJason McIntyre
- macro fixes - kill whitespace at EOL - new sentence, new line
2003-06-11support for NAT-T (draft-ietf-ipsec-udp-encaps-06.txt); ok deraadt@Markus Friedl
2003-06-03last bit of clause 3 & 4 nuking for me.Jason Wright
2003-06-02Remove the advertising clause in the UCB license which BerkeleyTodd C. Miller
rescinded 22 July 1999. Proofed by myself and Theo.
2003-06-02three four kill ...Michael Shalayeff
2003-05-22remove -Werror; ok millertPeter Valchev
2003-05-14libpcap and tcpdump now understand the new pflog datalink type.Can Erkin Acar
old datalink type is still recognized. ok henning@ dhartmei@ frantzen@
2003-04-14%d is 12 chars, not 10; ok deraadtPeter Valchev
2003-04-08invalid mdoc macrosDavid Krause
caused words to disappear from the output ok jmc@ a while ago
2003-04-04Back out the realloc change, to do it right requires more recordTodd C. Miller
keeping and could result in very large memory chunks.
2003-04-02o Use realloc() instead of leaking memory when we need more than 1024 bytesTodd C. Miller
o use strlcpy() deraadt@ OK
2003-02-20add printing of ipcomp, and while in the neighborhood, make ah/esp actuallyJason Wright
check the length of the data
2003-02-11Show DF on IP fragmentsCedric Berger
ok henric@
2003-01-28a lost ntohs() caused tcpdump not to print the action.Henning Brauer
debugging session with and ok'd by dhartmei@
2003-01-27bugfix from Can Erkin Acar <canacar@eee.metu.edu.tr>:Henning Brauer
hbhopt_print() and dstopt_print() can return 0 if the option is located just one byte short of snapend this would cause an infinite loop in ip6_print().
2003-01-07Remove pfr_unwrap_table workaround, it's no longer needed.Daniel Hartmeier
2003-01-04workaround until pf fixes thisTheo de Raadt
2003-01-01Support all possible rule types ("scrub" rules can log packets beingRyan Thomas McBride
dropped, others may as well in the future). ok dhartmei@ henning@
2002-12-23no need to ntohs the portsMichael Shalayeff
2002-12-20use bcopy instead of struct assignmentMichael Shalayeff
2002-12-01Grammar nitpicking.margarida
Closes PR 3005. fgsch@ ok
2002-11-30pfsync support; deraadt@ okMichael Shalayeff
2002-11-30stop breaking the damn tree mickeyTheo de Raadt
2002-11-29tcpdump support for pfsync; henning@ okMichael Shalayeff
2002-11-28Check for invalid ICMP6 option length, ok itojun@Daniel Hartmeier