summaryrefslogtreecommitdiff
path: root/usr.sbin/tcpdump
AgeCommit message (Collapse)Author
2023-04-12remove duplicate linesJonathan Gray
2023-03-13Fix potential underflow when printing STP data.Moritz Buhl
Reported by Peter J. Philipp ok claudio
2023-03-13Fix usbpcap handler to properly detect overflows using TCHECK macros.Claudio Jeker
OK mpi@ mbuhl@
2023-03-03Use EXTRACT_16BITS() in default_print() instead of handrolling it.Claudio Jeker
OK bluhm@
2023-03-01KNF, no functional change.Claudio Jeker
2023-02-28Adjust default_print() to not run over snapend.Claudio Jeker
Kill default_print_unaligned() and adjust default_print() to also work with unaligned buffers. There is no need for two functions doing the same thing. Pass the right length in nsh_print to default_print(). Fixes on place that makes tcpdump crash. Reported by Peter J. Philipp (pjp at delphinusdns dot org) OK mbuhl@
2022-12-28spelling fixes; from paul tagliamonteJason McIntyre
any parts of his diff not taken are noted on tech
2022-09-10wireless LANS -> wireless LANsJonathan Gray
2022-07-22In tcpdump(8), fix use of wrong index into 802.11 PMKID data when multipleStefan Sperling
PMKIDs are present. Same error as found by Mikhail for ciphers and AKMs.
2022-07-22In tcpdump(8), fix printing of multiple 802.11 RSN ciphers and AKMs.Stefan Sperling
Also, pretty-print SAE (used by WPA3) if found in AKMs. Errors introduced by me in CVS commit hgtOdzeJfB27Yyq0 / r1.40. Patch by Mikhail
2022-07-09Explicitly set the default value for Bflag to BPF_FILDROP_PASSAlexander Hall
Technically a nop since the value of the initial constant is 0 anyway but we should not rely on that.
2022-06-09Readd ETHERTYPE_NHRPA case.mbuhl
Found by Stefan Butz. ok dlg@
2022-05-25Print ASnumbers in asplain format and stop using the old asdot format.Claudio Jeker
While there clean up some draft comments with their RFC number. The detection for 4-byte ASPATH attributes is a bit sloppy but since all resonable BGP versions use 4-byte ASnumbers now we default to them unless we know it is a 2-byte encoding. Kill it with fire. deraadt@ & job@ OK sthen@
2022-05-25Add RFC 9234 "BGP Role" supportJob Snijders
With and OK claudio@
2022-03-17Make tcpdump(8) show 802.11ac VHT capability and operation IEs in -v mode.Stefan Sperling
ok sthen@
2022-02-22MAXCOMLEN is no longer needed in these programs, so remove the annotationTheo de Raadt
from sys/param.h include lines, or remove the include lines entirely if it this was the least requirement. ok millert
2022-01-31tcpdump: fix -Wunused-but-set-variable warningChristian Weisgerber
All "infile" handling was moved into priv_exec() when tcpdump was privilege separated. The options are scanned both in priv_exec() and in main(), so the empty case needs to remain in the latter. ok deraadt@
2022-01-05add a basic printer for EAPOL packets.David Gwynne
EAPOL turns out to be a little container for a bunch of other types of packets, including EAP for use with vanilla 802.1X, a kind of capability announcement thing, and MACsec Key Agreement. it's not worth adding a separately file for such a small chunk of functionality, and it seems specific to ethernet. parsers/printers for the sub protocols can come later if needed. ok deraadt@ visa@
2022-01-05ethertypes.h has now added the missing ethertypes we're looking at here.David Gwynne
2022-01-05fix some more -Wunused-but-set-variableDavid Gwynne
2022-01-05fix another -Wunused-but-set-variableDavid Gwynne
2022-01-05more -Wunused-but-set-variable fixesDavid Gwynne
2022-01-05clean up another -Wunused-but-set-variable thingDavid Gwynne
2022-01-05clean up some -Wunused-but-set-variable.David Gwynne
this file had it's own verison of TCHECK, but also not. not the best.
2022-01-05fix some -Wunused-but-set-variable stuff.David Gwynne
2022-01-05silence a -Wunused-but-set-variableDavid Gwynne
2022-01-01Multiprocol -> MultiprotocolJonathan Gray
2021-12-01we do not need 'struct mbuf; struct rtentry;' to satisfy some ancient unixTheo de Raadt
variant that made a header file mistake. ok jsg
2021-11-29tcpdump: convert print-ipsec to a EVP_CIPHER_CTX on the heap.Theo Buehler
Fix and add some error checking while there. ok deraadt
2021-10-24For open/openat, if the flags parameter does not contain O_CREAT, theTheo de Raadt
3rd (variadic) mode_t parameter is irrelevant. Many developers in the past have passed mode_t (0, 044, 0644, or such), which might lead future people to copy this broken idiom, and perhaps even believe this parameter has some meaning or implication or application. Delete them all. This comes out of a conversation where tb@ noticed that a strange (but intentional) pledge behaviour is to always knock-out high-bits from mode_t on a number of system calls as a safety factor, and his bewilderment that this appeared to be happening against valid modes (at least visually), but no sorry, they are all irrelevant junk. They could all be 0xdeafbeef. ok millert
2021-10-23Correctly print varbind not found contexts.Martijn van Duren
OK benno@
2021-10-23Always print the community.Martijn van Duren
There's no such thing as a default community. OK benno@
2021-10-23We define Unsigned32 as [Application 7], which was part of RFC1442 (1993),Martijn van Duren
but was removed in RFC1902 (1996), where it was made equal to Gauge32. There's no real harm in keeping it, since nothing else uses [APPLICATION 7], but add a comment to help out any future lost soul that might wander into this. OK benno@
2021-09-16tcpdump: Fix data alignment issue in WireGuard printerVisa Hankala
Access 8-byte nonce as unaligned data to avoid a crash on strict alignment architectures. With IP and UDP, payload alignment is guaranteed to 4-byte boundary only. Reported and tested by Peter J. Philipp OK deraadt@
2021-09-16Add EXTRACT_LE_64BITS().Visa Hankala
OK deraadt@
2021-09-07synchronize tcpdump.8 and pcap-filter.5 primitives documentationDenis Fondras
reads ok to jmc@ good enough start for deraadt@
2021-07-12Change the error reporting pattern throughout the tree when unveilBob Beck
fails to report the path that the failure occured on. Suggested by deraadt@ after some tech discussion. Work done and verified by Ashton Fagg <ashton@fagg.id.au> ok deraadt@ semarie@ claudio@
2021-06-28Have tcpdump split the 802.11 sequence number field into its sequence numberStefan Sperling
and fragment number components instead of printing the whole field in decimal. ok sthen@ kn@ jca@
2021-06-17Add simple BGP Enhanced Route Refresh Message decodingjob
seems OK claudio@
2021-04-14On powerpc64 tcpdump(8) could not parse wireguard packets.Alexander Bluhm
EXTRACT_LE_32BITS() converts the type from little endian to host endian. So we need the constants in host endianess. This fixes regress/sys/net/wg. OK deraadt@ sthen@
2021-03-02off by one in bounds testJonathan Gray
ok sthen@ millert@
2021-01-20Print rewritten addresses in tcpdump(8) logged with pflog(4) forAlexander Bluhm
rdr-to, nat-to, af-to rules. The kernel uses the information from the packet description and fills it into the fields in the pflog header. While doing this, it is trival to figure out whether the packet has been rewritten. OK sashan@
2020-12-04Don't link tcpdump(8) with libl and remove reference to `yydebug'.mvs
From Martin Vahlensieck.
2020-12-03Kill unused `ch' variable within safeputs routine. Also use putchar(3)mvs
instead of printf(3) to output printable characters. Pointed by Martin Vahlensieck. ok gnezdo@
2020-11-05Send print-skip.c to the atticTheo Buehler
This was unhooked from the build in a code sync in 1996 and didn't make it into the upstream revision history. Prompted by a diff from Neeraj Pal that showed that this file wasn't compiled. ok jca kn
2020-10-26Fix parsing GTP packets with invalid extended headers.Jeremie Courreges-Anglas
In GTP a zero extended header length is invalid, deal with this instead of looping forever. Report and fix by Peter J. Philipp, tweaked by me, ok kn@
2020-08-17add geneve option printing.David Gwynne
mostly modelled on the nsh md2 printing.
2020-08-17don't need to shift the vxlan vni twice.David Gwynne
2020-08-17add initial support for handling geneve packets.David Gwynne
it's like vxlan, but different. the most interesting difference to vxlan is that the protocol adds support for adding optional metadata to packets (like nsh). this diff currently just skips that stuff and just handles the payload. for now.
2020-07-21Avoid integer underflow due to tiny snaplenkn
For DLT_NULL and DLT_LOOP interfaces, print-null.c passes `caplen - NULL_HDRLEN' as length to default_print() which takes an unsigned integer, hence if caplen is smaller than the header itself (four octets), this difference wraps around. Exit early in such cases and print the expected truncation marker "[|null]" instead. Feedback OK dlg