![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.sbin / tcpdump
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.35 / (download) - annotate - [select for diffs], Tue May 21 05:00:48 2024 UTC (2 weeks, 4 days ago) by jsg
Branch: MAIN
CVS Tags: HEAD
Changes since 1.34: +1 -2 lines
Diff to previous 1.34 (colored)
remove prototypes with no matching function and externs with no var partly checked by millert@
Revision 1.34 / (download) - annotate - [select for diffs], Mon Aug 17 07:09:25 2020 UTC (3 years, 9 months ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1,
OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8
Changes since 1.33: +63 -3 lines
Diff to previous 1.33 (colored)
add geneve option printing. mostly modelled on the nsh md2 printing.
Revision 1.33 / (download) - annotate - [select for diffs], Mon Aug 17 06:32:31 2020 UTC (3 years, 9 months ago) by dlg
Branch: MAIN
Changes since 1.32: +2 -2 lines
Diff to previous 1.32 (colored)
don't need to shift the vxlan vni twice.
Revision 1.32 / (download) - annotate - [select for diffs], Mon Aug 17 06:29:29 2020 UTC (3 years, 9 months ago) by dlg
Branch: MAIN
Changes since 1.31: +98 -1 lines
Diff to previous 1.31 (colored)
add initial support for handling geneve packets. it's like vxlan, but different. the most interesting difference to vxlan is that the protocol adds support for adding optional metadata to packets (like nsh). this diff currently just skips that stuff and just handles the payload. for now.
Revision 1.31 / (download) - annotate - [select for diffs], Wed Apr 15 20:19:25 2020 UTC (4 years, 1 month ago) by remi
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.30: +7 -1 lines
Diff to previous 1.30 (colored)
add support for printing RfC 2332 NBMA Next Hop Resolution Protocol (NHRP) ok dlg@
Revision 1.30 / (download) - annotate - [select for diffs], Fri Jan 24 22:46:36 2020 UTC (4 years, 4 months ago) by procter
Branch: MAIN
Changes since 1.29: +3 -3 lines
Diff to previous 1.29 (colored)
- (void)printf() -> printf(); the cast adds clutter for little value. - fprintf(stdout, ...) -> printf() - fputs(x, stdout) -> printf(); for consistency. fputs is twice as fast on atom x5-Z8300@1.44GHz but Amdahl sees a pure printf tcpdump only 2% slower than a pure fputs (for constant strings) tcpdump to /dev/null across a 20MB/~170k packet pcap file. ok dlg@ for fputs and ok tedu@ krw@ deraadt@ a2k19 for the rest
Revision 1.29 / (download) - annotate - [select for diffs], Tue Dec 3 01:43:33 2019 UTC (4 years, 6 months ago) by dlg
Branch: MAIN
Changes since 1.28: +8 -2 lines
Diff to previous 1.28 (colored)
add support for printing RFC 8300 Network Service Header (NSH) ok deraadt@
Revision 1.28 / (download) - annotate - [select for diffs], Mon Dec 2 22:32:01 2019 UTC (4 years, 6 months ago) by dlg
Branch: MAIN
Changes since 1.27: +79 -32 lines
Diff to previous 1.27 (colored)
add support for VXLAN-GPE as per draft-ietf-nvo3-vxlan-gpe-08. it's nicely backwards compatible, so we can use the same code for both vxlan and vxlan-gpe.
Revision 1.27 / (download) - annotate - [select for diffs], Sun May 26 22:42:42 2019 UTC (5 years ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6
Changes since 1.26: +9 -1 lines
Diff to previous 1.26 (colored)
support -T erspan so arbitrary gre protocols can be seen as erspan this lets me configure a custom gre protocol on a dell s4810 or s5048 and see what's inside it when it lands on an openbsd box. ok lteo@
Revision 1.26 / (download) - annotate - [select for diffs], Fri May 17 06:47:10 2019 UTC (5 years ago) by dlg
Branch: MAIN
Changes since 1.25: +10 -4 lines
Diff to previous 1.25 (colored)
handle ERSPAN type I type I and II share their GRE protocol, but you tell them apart by checking if a sequence number is used. type I does not use a sequence number and contains a bare ethernet frame. type II contains a sequence number and a shim header that is already handled by the code. tested with a Dell S5048F-ON and an encapsulated remote port mirror setup.
Revision 1.25 / (download) - annotate - [select for diffs], Fri Apr 5 00:59:24 2019 UTC (5 years, 2 months ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE,
OPENBSD_6_5
Changes since 1.24: +3 -0 lines
Diff to previous 1.24 (colored)
print the gre protocol number as hex when vflag is enabled this is useful for telling the MPLSes apart, and generally understanding what you're seeing.
Revision 1.24 / (download) - annotate - [select for diffs], Fri Apr 5 00:57:59 2019 UTC (5 years, 2 months ago) by dlg
Branch: MAIN
Changes since 1.23: +4 -1 lines
Diff to previous 1.23 (colored)
support printing cdp over gre and ppp ok deraadt@ mpi@ sthen@
Revision 1.23 / (download) - annotate - [select for diffs], Tue Apr 2 11:10:54 2019 UTC (5 years, 2 months ago) by dlg
Branch: MAIN
Changes since 1.22: +2 -1 lines
Diff to previous 1.22 (colored)
print MPLS_MCAST as mpls, rather than unknown The caveat with this is that MPLS and MPLS_MCAST look exactly the same. I could prefix the MCAST line with "multicast" or something, but like everything else in MPLS the meaning of that protocol type is supposed to have changed. It's no longer meant to indicate multicast mpls, but mpls with a label selected by an upstream. So what's the right thing to do? noticed by Mitchell Krome, who used this breakage to identify another problem, which won't happen anymore.
Revision 1.22 / (download) - annotate - [select for diffs], Tue Feb 5 10:57:48 2019 UTC (5 years, 4 months ago) by dlg
Branch: MAIN
Changes since 1.21: +104 -1 lines
Diff to previous 1.21 (colored)
handle Cisco's Encapsulated Remote Switch Port Analyzer (ERSPAN) protocol ERSPAN II is an 8 byte header before an ethernet payload. the switch at work doesnt produce erspan III, so I haven't handled that yet. this at least let's me see what's on the wire so i can contemplate how i want to deal with the payload. based on draft-foschiano-erspan-03
Revision 1.21 / (download) - annotate - [select for diffs], Fri Jul 6 07:13:21 2018 UTC (5 years, 11 months ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.20: +62 -1 lines
Diff to previous 1.20 (colored)
add support for vxlan packets. I personally think vxlan looks suspiciously like gre, so I put the parser in print-gre.c
Revision 1.20 / (download) - annotate - [select for diffs], Mon May 28 00:06:45 2018 UTC (6 years ago) by dlg
Branch: MAIN
Changes since 1.19: +97 -19 lines
Diff to previous 1.19 (colored)
recognise MikroTik's Ethernet over IP (eoip) protocol eoip is a twisted gre based protocol using version 1 like pptp, but a different protocol id. this splits the gre 1 protocol handling up so it doesn't assume that all packets are pptp, but decides between eoip and pptp based on the protocol field. unknown protocols are unknown rather that assumed to be pptp. ok sthen@
Revision 1.19 / (download) - annotate - [select for diffs], Sat Feb 24 08:53:36 2018 UTC (6 years, 3 months ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3
Changes since 1.18: +2 -2 lines
Diff to previous 1.18 (colored)
make the gre flowid output always 2 chars so payloads stay lined up.
Revision 1.18 / (download) - annotate - [select for diffs], Fri Feb 9 04:08:26 2018 UTC (6 years, 4 months ago) by dlg
Branch: MAIN
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored)
use ether_tryprint, which looks inside the ether packet. ether_print just prints the ether header.
Revision 1.17 / (download) - annotate - [select for diffs], Fri Feb 9 00:06:51 2018 UTC (6 years, 4 months ago) by dlg
Branch: MAIN
Changes since 1.16: +21 -14 lines
Diff to previous 1.16 (colored)
it turns out the wccp header is optional peek inside the payload to see if the first nibble looks like ipv4. if it isnt ipv4 assume it is the wccp header.
Revision 1.16 / (download) - annotate - [select for diffs], Thu Feb 8 22:56:28 2018 UTC (6 years, 4 months ago) by dlg
Branch: MAIN
Changes since 1.15: +34 -1 lines
Diff to previous 1.15 (colored)
have a go at decoding cisco wccp gre packets, and let them fall into IP.
Revision 1.15 / (download) - annotate - [select for diffs], Thu Feb 8 09:01:45 2018 UTC (6 years, 4 months ago) by dlg
Branch: MAIN
Changes since 1.14: +4 -1 lines
Diff to previous 1.14 (colored)
recognise gre proto 0 as a "keep alive" packet
Revision 1.14 / (download) - annotate - [select for diffs], Wed Feb 7 06:26:14 2018 UTC (6 years, 4 months ago) by dlg
Branch: MAIN
Changes since 1.13: +3 -3 lines
Diff to previous 1.13 (colored)
shorten the output for gre keys.
Revision 1.13 / (download) - annotate - [select for diffs], Tue Feb 6 03:07:51 2018 UTC (6 years, 4 months ago) by dlg
Branch: MAIN
Changes since 1.12: +127 -100 lines
Diff to previous 1.12 (colored)
rework ppp, pptp, and gre parsing. this started cos i was looking at pptp, which came out like this: 23:52:00.197893 call 24 seq 7: gre-ppp-payload (gre encap) 23:52:00.198930 call 1 seq 7 ack 7: gre-ppp-payload (gre encap) now it looks like this: 23:52:00.197893 20.0.0.2 > 20.0.0.1: pptp callid 24 seq 7: 17.1.1.122 > 40.0.0.2: icmp: echo request 23:52:00.198930 20.0.0.1 > 20.0.0.2: pptp callid 1 seq 7 ack 7: 40.0.0.2 > 17.1.1.122: icmp: echo reply the big improvement in ppp parsing is it stops parsing based on what the ppp headers say, rather than what bytes have been captured. this also adds parsing of EAP packets. DLT_PPP_SERIAL is now recognised and printed. gre now prints the outer addresses always, not just when it's encapsulated by ipv6 or -v is passed to tcpdump. ok sthen@
Revision 1.12 / (download) - annotate - [select for diffs], Tue Dec 13 06:40:21 2016 UTC (7 years, 5 months ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE,
OPENBSD_6_2,
OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.11: +62 -29 lines
Diff to previous 1.11 (colored)
teach tcpdump some more things about gre. gre can be encapsulated in ipv6. gre can encapsulate ipv6, mpls, and ethernet. nvgre is based on gre, so if the header could be nvgre print the vsid and flow id as well as the key. ok stsp@
Revision 1.11 / (download) - annotate - [select for diffs], Thu Nov 5 11:55:21 2015 UTC (8 years, 7 months ago) by jca
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.10: +4 -1 lines
Diff to previous 1.10 (colored)
Cap the GRE packet len to tcpdump's snap len, fixes a segfault. From Kevin Reay, ok sthen@
Revision 1.10 / (download) - annotate - [select for diffs], Thu Nov 5 11:52:24 2015 UTC (8 years, 7 months ago) by jca
Branch: MAIN
Changes since 1.9: +2 -2 lines
Diff to previous 1.9 (colored)
When fetching the GRE version, use GRE_VERS and not a naked "7" as mask. From Kevin Reay
Revision 1.9 / (download) - annotate - [select for diffs], Fri Jan 16 06:40:21 2015 UTC (9 years, 4 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8,
OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.8: +1 -2 lines
Diff to previous 1.8 (colored)
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
Revision 1.8 / (download) - annotate - [select for diffs], Thu Aug 14 12:44:44 2014 UTC (9 years, 9 months ago) by mpi
Branch: MAIN
Changes since 1.7: +1 -2 lines
Diff to previous 1.7 (colored)
No use for <netinet/in_systm.h> nor <netinet/tcpip.h>.
Revision 1.7 / (download) - annotate - [select for diffs], Tue Jun 3 00:21:04 2003 UTC (21 years ago) by jason
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6,
OPENBSD_5_5_BASE,
OPENBSD_5_5,
OPENBSD_5_4_BASE,
OPENBSD_5_4,
OPENBSD_5_3_BASE,
OPENBSD_5_3,
OPENBSD_5_2_BASE,
OPENBSD_5_2,
OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0,
OPENBSD_4_9_BASE,
OPENBSD_4_9,
OPENBSD_4_8_BASE,
OPENBSD_4_8,
OPENBSD_4_7_BASE,
OPENBSD_4_7,
OPENBSD_4_6_BASE,
OPENBSD_4_6,
OPENBSD_4_5_BASE,
OPENBSD_4_5,
OPENBSD_4_4_BASE,
OPENBSD_4_4,
OPENBSD_4_3_BASE,
OPENBSD_4_3,
OPENBSD_4_2_BASE,
OPENBSD_4_2,
OPENBSD_4_1_BASE,
OPENBSD_4_1,
OPENBSD_4_0_BASE,
OPENBSD_4_0,
OPENBSD_3_9_BASE,
OPENBSD_3_9,
OPENBSD_3_8_BASE,
OPENBSD_3_8,
OPENBSD_3_7_BASE,
OPENBSD_3_7,
OPENBSD_3_6_BASE,
OPENBSD_3_6,
OPENBSD_3_5_BASE,
OPENBSD_3_5,
OPENBSD_3_4_BASE,
OPENBSD_3_4
Changes since 1.6: +1 -6 lines
Diff to previous 1.6 (colored)
last bit of clause 3 & 4 nuking for me.
Revision 1.6 / (download) - annotate - [select for diffs], Wed Oct 30 03:04:04 2002 UTC (21 years, 7 months ago) by fgsch
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE,
OPENBSD_3_3
Changes since 1.5: +12 -12 lines
Diff to previous 1.5 (colored)
o for gre version 1, correctly check if kp (key present) is unset. o remove trailing spaces for better output. o print sequence, acknowledge and callid as unsigned, and remove key from version 1 since it's actually the payload length (not including the gre header). jason@ ok.
Revision 1.5 / (download) - annotate - [select for diffs], Wed Sep 18 20:40:06 2002 UTC (21 years, 8 months ago) by jason
Branch: MAIN
CVS Tags: OPENBSD_3_2_BASE,
OPENBSD_3_2
Changes since 1.4: +118 -9 lines
Diff to previous 1.4 (colored)
Handle RFC2637 (PPTP defines an enhanced GRE... *sigh*)
Revision 1.4 / (download) - annotate - [select for diffs], Wed Sep 18 19:39:35 2002 UTC (21 years, 8 months ago) by jason
Branch: MAIN
Changes since 1.3: +102 -1 lines
Diff to previous 1.3 (colored)
Fully decode source routing elements defined in rfc1702
Revision 1.3 / (download) - annotate - [select for diffs], Wed Sep 18 18:49:03 2002 UTC (21 years, 8 months ago) by jason
Branch: MAIN
Changes since 1.2: +114 -101 lines
Diff to previous 1.2 (colored)
Rewrite from scratch: same basic functionality, but better license and knows how to skip routing info and process the rest of the packet.
Revision 1.2 / (download) - annotate - [select for diffs], Tue Oct 3 14:31:57 2000 UTC (23 years, 8 months ago) by ho
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE,
OPENBSD_3_1,
OPENBSD_3_0_BASE,
OPENBSD_3_0,
OPENBSD_2_9_BASE,
OPENBSD_2_9,
OPENBSD_2_8_BASE,
OPENBSD_2_8
Changes since 1.1: +3 -1 lines
Diff to previous 1.1 (colored)
Add $OpenBSD$. (jakob@ ok)
Revision 1.1 / (download) - annotate - [select for diffs], Thu Dec 12 16:22:37 1996 UTC (27 years, 6 months ago) by bitblt
Branch: MAIN
CVS Tags: OPENBSD_2_7_BASE,
OPENBSD_2_7,
OPENBSD_2_6_BASE,
OPENBSD_2_6,
OPENBSD_2_5_BASE,
OPENBSD_2_5,
OPENBSD_2_4_BASE,
OPENBSD_2_4,
OPENBSD_2_3_BASE,
OPENBSD_2_3,
OPENBSD_2_2_BASE,
OPENBSD_2_2,
OPENBSD_2_1_BASE,
OPENBSD_2_1
*** empty log message ***