diff --git a/.gitignore b/.gitignore index 1141b51..8b13cdc 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -SOURCES/tcpdump-4.9.0.tar.gz +SOURCES/tcpdump-4.9.2.tar.gz SOURCES/tcpslice-1.2a3.tar.gz diff --git a/.tcpdump.metadata b/.tcpdump.metadata index 223998b..0bccb2a 100644 --- a/.tcpdump.metadata +++ b/.tcpdump.metadata @@ -1,2 +1,2 @@ -2c4193685edb1040506a9ec0f15cd85825085697 SOURCES/tcpdump-4.9.0.tar.gz +f7dccebe94c3d07ac8744d43297ea2b98b35a13f SOURCES/tcpdump-4.9.2.tar.gz 98790301cb1bf4399a95153bc62d49b3f5808994 SOURCES/tcpslice-1.2a3.tar.gz diff --git a/SOURCES/0001-icmp6-print-Reachable-Time-and-Retransmit-Time-from-.patch b/SOURCES/0001-icmp6-print-Reachable-Time-and-Retransmit-Time-from-.patch index c5e54ae..f79caac 100644 --- a/SOURCES/0001-icmp6-print-Reachable-Time-and-Retransmit-Time-from-.patch +++ b/SOURCES/0001-icmp6-print-Reachable-Time-and-Retransmit-Time-from-.patch @@ -1,7 +1,7 @@ -From f19e0376b8e98b38240d28eb9e6f78c465bb1c6e Mon Sep 17 00:00:00 2001 +From 71083535d1aa4cf0f858553dda2efcace31f4967 Mon Sep 17 00:00:00 2001 From: rpm-build Date: Mon, 20 Oct 2014 13:34:24 +0200 -Subject: [PATCH 1/8] icmp6: print Reachable Time and Retransmit Time from +Subject: [PATCH 01/13] icmp6: print Reachable Time and Retransmit Time from ICMPv6 as milliseconds --- @@ -9,7 +9,7 @@ Subject: [PATCH 1/8] icmp6: print Reachable Time and Retransmit Time from 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/print-icmp6.c b/print-icmp6.c -index 7fe639d..cfaa2df 100644 +index 42fe19f..1980a7a 100644 --- a/print-icmp6.c +++ b/print-icmp6.c @@ -1034,7 +1034,7 @@ icmp6_print(netdissect_options *ndo, @@ -22,5 +22,5 @@ index 7fe639d..cfaa2df 100644 bittok2str(icmp6_opt_ra_flag_values,"none",(p->nd_ra_flags_reserved)), get_rtpref(p->nd_ra_flags_reserved), -- -2.9.3 +2.13.5 diff --git a/SOURCES/0002-Use-getnameinfo-instead-of-gethostbyaddr.patch b/SOURCES/0002-Use-getnameinfo-instead-of-gethostbyaddr.patch index 28bce58..8278a6b 100644 --- a/SOURCES/0002-Use-getnameinfo-instead-of-gethostbyaddr.patch +++ b/SOURCES/0002-Use-getnameinfo-instead-of-gethostbyaddr.patch @@ -1,17 +1,17 @@ -From c48fba64fbbff9c75c79e32ab33aa65742c197d9 Mon Sep 17 00:00:00 2001 +From ac19c334d4147d5fcdd4daa2ed6687340a2cd4b0 Mon Sep 17 00:00:00 2001 From: rpm-build Date: Mon, 20 Oct 2014 14:12:46 +0200 -Subject: [PATCH 2/8] Use getnameinfo instead of gethostbyaddr +Subject: [PATCH 02/13] Use getnameinfo instead of gethostbyaddr --- addrtoname.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 46 insertions(+), 2 deletions(-) diff --git a/addrtoname.c b/addrtoname.c -index 6975b71..949acb7 100644 +index df7c2ce..a1e360d 100644 --- a/addrtoname.c +++ b/addrtoname.c -@@ -220,7 +220,6 @@ static uint32_t f_localnet; +@@ -230,7 +230,6 @@ static uint32_t f_localnet; const char * getname(netdissect_options *ndo, const u_char *ap) { @@ -19,7 +19,7 @@ index 6975b71..949acb7 100644 uint32_t addr; struct hnamemem *p; -@@ -242,6 +241,28 @@ getname(netdissect_options *ndo, const u_char *ap) +@@ -252,6 +251,28 @@ getname(netdissect_options *ndo, const u_char *ap) */ if (!ndo->ndo_nflag && (addr & f_netmask) == f_localnet) { @@ -48,7 +48,7 @@ index 6975b71..949acb7 100644 hp = gethostbyaddr((char *)&addr, 4, AF_INET); if (hp) { char *dotp; -@@ -258,6 +279,7 @@ getname(netdissect_options *ndo, const u_char *ap) +@@ -268,6 +289,7 @@ getname(netdissect_options *ndo, const u_char *ap) } return (p->name); } @@ -56,7 +56,7 @@ index 6975b71..949acb7 100644 } p->name = strdup(intoa(addr)); if (p->name == NULL) -@@ -272,7 +294,6 @@ getname(netdissect_options *ndo, const u_char *ap) +@@ -282,7 +304,6 @@ getname(netdissect_options *ndo, const u_char *ap) const char * getname6(netdissect_options *ndo, const u_char *ap) { @@ -64,7 +64,7 @@ index 6975b71..949acb7 100644 union { struct in6_addr addr; struct for_hash_addr { -@@ -297,6 +318,28 @@ getname6(netdissect_options *ndo, const u_char *ap) +@@ -307,6 +328,28 @@ getname6(netdissect_options *ndo, const u_char *ap) * Do not print names if -n was given. */ if (!ndo->ndo_nflag) { @@ -93,7 +93,7 @@ index 6975b71..949acb7 100644 hp = gethostbyaddr((char *)&addr, sizeof(addr), AF_INET6); if (hp) { char *dotp; -@@ -313,6 +356,7 @@ getname6(netdissect_options *ndo, const u_char *ap) +@@ -323,6 +366,7 @@ getname6(netdissect_options *ndo, const u_char *ap) } return (p->name); } @@ -102,5 +102,5 @@ index 6975b71..949acb7 100644 cp = addrtostr6(ap, ntop_buf, sizeof(ntop_buf)); p->name = strdup(cp); -- -2.9.3 +2.13.5 diff --git a/SOURCES/0003-tcpslice-update-tcpslice-patch-to-1.2a3.patch b/SOURCES/0003-tcpslice-update-tcpslice-patch-to-1.2a3.patch new file mode 100644 index 0000000..ac24cb2 --- /dev/null +++ b/SOURCES/0003-tcpslice-update-tcpslice-patch-to-1.2a3.patch @@ -0,0 +1,88 @@ +From 13d7bc17050345bd873da008460f176a7942d05c Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Mon, 20 Oct 2014 14:43:04 +0200 +Subject: [PATCH 03/13] tcpslice: update tcpslice patch to 1.2a3 + +--- + tcpslice-1.2a3/search.c | 22 +++++++++++++++------- + tcpslice-1.2a3/tcpslice.h | 20 ++++++++++++++++++++ + 2 files changed, 35 insertions(+), 7 deletions(-) + +diff --git a/tcpslice-1.2a3/search.c b/tcpslice-1.2a3/search.c +index 1e2d051..23aa105 100644 +--- a/tcpslice-1.2a3/search.c ++++ b/tcpslice-1.2a3/search.c +@@ -53,7 +53,7 @@ static const char rcsid[] = + /* Size of a packet header in bytes; easier than typing the sizeof() all + * the time ... + */ +-#define PACKET_HDR_LEN (sizeof( struct pcap_pkthdr )) ++#define PACKET_HDR_LEN (sizeof( struct pcap_sf_pkthdr )) + + extern int snaplen; + +@@ -111,16 +111,24 @@ reasonable_header( struct pcap_pkthdr *hdr, time_t first_time, time_t last_time + static void + extract_header( pcap_t *p, u_char *buf, struct pcap_pkthdr *hdr ) + { +- memcpy((char *) hdr, (char *) buf, sizeof(struct pcap_pkthdr)); ++ struct pcap_sf_pkthdr hdri; ++ ++ memcpy((char *) &hdri, (char *) buf, sizeof(struct pcap_sf_pkthdr)); + + if ( pcap_is_swapped( p ) ) + { +- hdr->ts.tv_sec = SWAPLONG(hdr->ts.tv_sec); +- hdr->ts.tv_usec = SWAPLONG(hdr->ts.tv_usec); +- hdr->len = SWAPLONG(hdr->len); +- hdr->caplen = SWAPLONG(hdr->caplen); ++ hdr->ts.tv_sec = SWAPLONG(hdri.ts.tv_sec); ++ hdr->ts.tv_usec = SWAPLONG(hdri.ts.tv_usec); ++ hdr->len = SWAPLONG(hdri.len); ++ hdr->caplen = SWAPLONG(hdri.caplen); ++ } ++ else ++ { ++ hdr->ts.tv_sec = hdri.ts.tv_sec; ++ hdr->ts.tv_usec = hdri.ts.tv_usec; ++ hdr->len = hdri.len; ++ hdr->caplen = hdri.caplen; + } +- + /* + * From bpf/libpcap/savefile.c: + * +diff --git a/tcpslice-1.2a3/tcpslice.h b/tcpslice-1.2a3/tcpslice.h +index de4a01c..9dcd1a1 100644 +--- a/tcpslice-1.2a3/tcpslice.h ++++ b/tcpslice-1.2a3/tcpslice.h +@@ -20,6 +20,26 @@ + */ + + ++#include ++/* #include */ ++ ++/* ++ * This is a timeval as stored in disk in a dumpfile. ++ * It has to use the same types everywhere, independent of the actual ++ * `struct timeval' ++ */ ++ ++struct pcap_timeval { ++ bpf_int32 tv_sec; /* seconds */ ++ bpf_int32 tv_usec; /* microseconds */ ++}; ++ ++struct pcap_sf_pkthdr { ++ struct pcap_timeval ts; /* time stamp */ ++ bpf_u_int32 caplen; /* length of portion present */ ++ bpf_u_int32 len; /* length this packet (off wire) */ ++}; ++ + time_t gwtm2secs( struct tm *tm ); + + int sf_find_end( struct pcap *p, struct timeval *first_timestamp, +-- +2.13.5 + diff --git a/SOURCES/0004-tcpslice-remove-unneeded-include.patch b/SOURCES/0004-tcpslice-remove-unneeded-include.patch new file mode 100644 index 0000000..023682a --- /dev/null +++ b/SOURCES/0004-tcpslice-remove-unneeded-include.patch @@ -0,0 +1,26 @@ +From fb802b7fe7430d4714731955110678e211f020c8 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Mon, 20 Oct 2014 15:06:54 +0200 +Subject: [PATCH 04/13] tcpslice: remove unneeded include + +net/bpf.h doesn't exist on Linux. +--- + tcpslice-1.2a3/tcpslice.c | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/tcpslice-1.2a3/tcpslice.c b/tcpslice-1.2a3/tcpslice.c +index e73d76f..895e54f 100644 +--- a/tcpslice-1.2a3/tcpslice.c ++++ b/tcpslice-1.2a3/tcpslice.c +@@ -35,8 +35,6 @@ static const char rcsid[] = + #include + #include + +-#include +- + #include + #ifdef HAVE_FCNTL_H + #include +-- +2.13.5 + diff --git a/SOURCES/0004-tcpslice-update-tcpslice-patch-to-1.2a3.patch b/SOURCES/0004-tcpslice-update-tcpslice-patch-to-1.2a3.patch deleted file mode 100644 index d6973ac..0000000 --- a/SOURCES/0004-tcpslice-update-tcpslice-patch-to-1.2a3.patch +++ /dev/null @@ -1,88 +0,0 @@ -From 954c235f6db6f601d732b6fce48d2e8183c05d49 Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Mon, 20 Oct 2014 14:43:04 +0200 -Subject: [PATCH 4/8] tcpslice: update tcpslice patch to 1.2a3 - ---- - tcpslice-1.2a3/search.c | 22 +++++++++++++++------- - tcpslice-1.2a3/tcpslice.h | 20 ++++++++++++++++++++ - 2 files changed, 35 insertions(+), 7 deletions(-) - -diff --git a/tcpslice-1.2a3/search.c b/tcpslice-1.2a3/search.c -index 1e2d051..23aa105 100644 ---- a/tcpslice-1.2a3/search.c -+++ b/tcpslice-1.2a3/search.c -@@ -53,7 +53,7 @@ static const char rcsid[] = - /* Size of a packet header in bytes; easier than typing the sizeof() all - * the time ... - */ --#define PACKET_HDR_LEN (sizeof( struct pcap_pkthdr )) -+#define PACKET_HDR_LEN (sizeof( struct pcap_sf_pkthdr )) - - extern int snaplen; - -@@ -111,16 +111,24 @@ reasonable_header( struct pcap_pkthdr *hdr, time_t first_time, time_t last_time - static void - extract_header( pcap_t *p, u_char *buf, struct pcap_pkthdr *hdr ) - { -- memcpy((char *) hdr, (char *) buf, sizeof(struct pcap_pkthdr)); -+ struct pcap_sf_pkthdr hdri; -+ -+ memcpy((char *) &hdri, (char *) buf, sizeof(struct pcap_sf_pkthdr)); - - if ( pcap_is_swapped( p ) ) - { -- hdr->ts.tv_sec = SWAPLONG(hdr->ts.tv_sec); -- hdr->ts.tv_usec = SWAPLONG(hdr->ts.tv_usec); -- hdr->len = SWAPLONG(hdr->len); -- hdr->caplen = SWAPLONG(hdr->caplen); -+ hdr->ts.tv_sec = SWAPLONG(hdri.ts.tv_sec); -+ hdr->ts.tv_usec = SWAPLONG(hdri.ts.tv_usec); -+ hdr->len = SWAPLONG(hdri.len); -+ hdr->caplen = SWAPLONG(hdri.caplen); -+ } -+ else -+ { -+ hdr->ts.tv_sec = hdri.ts.tv_sec; -+ hdr->ts.tv_usec = hdri.ts.tv_usec; -+ hdr->len = hdri.len; -+ hdr->caplen = hdri.caplen; - } -- - /* - * From bpf/libpcap/savefile.c: - * -diff --git a/tcpslice-1.2a3/tcpslice.h b/tcpslice-1.2a3/tcpslice.h -index de4a01c..9dcd1a1 100644 ---- a/tcpslice-1.2a3/tcpslice.h -+++ b/tcpslice-1.2a3/tcpslice.h -@@ -20,6 +20,26 @@ - */ - - -+#include -+/* #include */ -+ -+/* -+ * This is a timeval as stored in disk in a dumpfile. -+ * It has to use the same types everywhere, independent of the actual -+ * `struct timeval' -+ */ -+ -+struct pcap_timeval { -+ bpf_int32 tv_sec; /* seconds */ -+ bpf_int32 tv_usec; /* microseconds */ -+}; -+ -+struct pcap_sf_pkthdr { -+ struct pcap_timeval ts; /* time stamp */ -+ bpf_u_int32 caplen; /* length of portion present */ -+ bpf_u_int32 len; /* length this packet (off wire) */ -+}; -+ - time_t gwtm2secs( struct tm *tm ); - - int sf_find_end( struct pcap *p, struct timeval *first_timestamp, --- -2.9.3 - diff --git a/SOURCES/0005-tcpslice-don-t-test-the-pointer-but-pointee-for-NULL.patch b/SOURCES/0005-tcpslice-don-t-test-the-pointer-but-pointee-for-NULL.patch new file mode 100644 index 0000000..ebb8e0c --- /dev/null +++ b/SOURCES/0005-tcpslice-don-t-test-the-pointer-but-pointee-for-NULL.patch @@ -0,0 +1,27 @@ +From e010a585a52c0e4b127190d45cd51b906872f948 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Mon, 20 Oct 2014 15:19:44 +0200 +Subject: [PATCH 05/13] tcpslice: don't test the pointer but pointee for NULL + +--- + tcpslice-1.2a3/tcpslice.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/tcpslice-1.2a3/tcpslice.c b/tcpslice-1.2a3/tcpslice.c +index 895e54f..a91439b 100644 +--- a/tcpslice-1.2a3/tcpslice.c ++++ b/tcpslice-1.2a3/tcpslice.c +@@ -402,7 +402,9 @@ fill_tm(char *time_string, int is_delta, struct tm *t, time_t *usecs_addr) + + while (isdigit(*t_stop)) + ++t_stop; +- if (! t_stop) ++ ++ if (!(*t_stop)) ++ /* we've reached end of string -> bad date format */ + error("bad date format %s, problem starting at %s", + time_string, t_start); + +-- +2.13.5 + diff --git a/SOURCES/0005-tcpslice-remove-unneeded-include.patch b/SOURCES/0005-tcpslice-remove-unneeded-include.patch deleted file mode 100644 index 2413575..0000000 --- a/SOURCES/0005-tcpslice-remove-unneeded-include.patch +++ /dev/null @@ -1,26 +0,0 @@ -From d32956586bfb50b189132d5a15db8a50ef871278 Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Mon, 20 Oct 2014 15:06:54 +0200 -Subject: [PATCH 5/8] tcpslice: remove unneeded include - -net/bpf.h doesn't exist on Linux. ---- - tcpslice-1.2a3/tcpslice.c | 2 -- - 1 file changed, 2 deletions(-) - -diff --git a/tcpslice-1.2a3/tcpslice.c b/tcpslice-1.2a3/tcpslice.c -index e73d76f..895e54f 100644 ---- a/tcpslice-1.2a3/tcpslice.c -+++ b/tcpslice-1.2a3/tcpslice.c -@@ -35,8 +35,6 @@ static const char rcsid[] = - #include - #include - --#include -- - #include - #ifdef HAVE_FCNTL_H - #include --- -2.9.3 - diff --git a/SOURCES/0006-Introduce-nn-option.patch b/SOURCES/0006-Introduce-nn-option.patch new file mode 100644 index 0000000..73945bb --- /dev/null +++ b/SOURCES/0006-Introduce-nn-option.patch @@ -0,0 +1,55 @@ +From d8d7143f1c0ca5a36f7d1f1092d360afbf4e71d3 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Mon, 20 Oct 2014 13:26:38 +0200 +Subject: [PATCH 06/13] Introduce -nn option + +This changes the semantics on -n option so only namelookups are skipped. Port +numbers *are* translated to their string representations. Option -nn then has +the same semantics as -n had originally. +--- + addrtoname.c | 4 ++-- + tcpdump.1.in | 6 +++++- + 2 files changed, 7 insertions(+), 3 deletions(-) + +diff --git a/addrtoname.c b/addrtoname.c +index a1e360d..f8e777c 100644 +--- a/addrtoname.c ++++ b/addrtoname.c +@@ -822,7 +822,7 @@ init_servarray(netdissect_options *ndo) + + while (table->name) + table = table->nxt; +- if (ndo->ndo_nflag) { ++ if (ndo->ndo_nflag > 1) { + (void)snprintf(buf, sizeof(buf), "%d", port); + table->name = strdup(buf); + } else +@@ -1245,7 +1245,7 @@ init_addrtoname(netdissect_options *ndo, uint32_t localnet, uint32_t mask) + f_localnet = localnet; + f_netmask = mask; + } +- if (ndo->ndo_nflag) ++ if (ndo->ndo_nflag > 1) + /* + * Simplest way to suppress names. + */ +diff --git a/tcpdump.1.in b/tcpdump.1.in +index 081e5d1..f233934 100644 +--- a/tcpdump.1.in ++++ b/tcpdump.1.in +@@ -544,7 +544,11 @@ Use \fIsecret\fP as a shared secret for validating the digests found in + TCP segments with the TCP-MD5 option (RFC 2385), if present. + .TP + .B \-n +-Don't convert addresses (i.e., host addresses, port numbers, etc.) to names. ++Don't convert host addresses to names. This can be used to avoid ++DNS lookups. ++.TP ++.B \-nn ++Don't convert protocol and port numbers etc. to names either. + .TP + .B \-N + Don't print domain name qualification of host names. +-- +2.13.5 + diff --git a/SOURCES/0006-tcpslice-don-t-test-the-pointer-but-pointee-for-NULL.patch b/SOURCES/0006-tcpslice-don-t-test-the-pointer-but-pointee-for-NULL.patch deleted file mode 100644 index 60efc1c..0000000 --- a/SOURCES/0006-tcpslice-don-t-test-the-pointer-but-pointee-for-NULL.patch +++ /dev/null @@ -1,27 +0,0 @@ -From e159008d2f126d92112858269fb6b2fbca63ffc2 Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Mon, 20 Oct 2014 15:19:44 +0200 -Subject: [PATCH 6/8] tcpslice: don't test the pointer but pointee for NULL - ---- - tcpslice-1.2a3/tcpslice.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/tcpslice-1.2a3/tcpslice.c b/tcpslice-1.2a3/tcpslice.c -index 895e54f..a91439b 100644 ---- a/tcpslice-1.2a3/tcpslice.c -+++ b/tcpslice-1.2a3/tcpslice.c -@@ -402,7 +402,9 @@ fill_tm(char *time_string, int is_delta, struct tm *t, time_t *usecs_addr) - - while (isdigit(*t_stop)) - ++t_stop; -- if (! t_stop) -+ -+ if (!(*t_stop)) -+ /* we've reached end of string -> bad date format */ - error("bad date format %s, problem starting at %s", - time_string, t_start); - --- -2.9.3 - diff --git a/SOURCES/0007-Don-t-print-out-we-dropped-root-we-are-always-droppi.patch b/SOURCES/0007-Don-t-print-out-we-dropped-root-we-are-always-droppi.patch new file mode 100644 index 0000000..0cedc8b --- /dev/null +++ b/SOURCES/0007-Don-t-print-out-we-dropped-root-we-are-always-droppi.patch @@ -0,0 +1,36 @@ +From f853995b93dd4c533c09ce67647b0cfd4dca6b9b Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Fri, 3 Feb 2017 09:43:03 +0100 +Subject: [PATCH 07/13] Don't print out we dropped root, we are always dropping + it + +--- + tcpdump.c | 5 ----- + 1 file changed, 5 deletions(-) + +diff --git a/tcpdump.c b/tcpdump.c +index d9c7f7a..e4e0d89 100644 +--- a/tcpdump.c ++++ b/tcpdump.c +@@ -609,8 +609,6 @@ droproot(const char *username, const char *chroot_dir) + int ret = capng_change_id(pw->pw_uid, pw->pw_gid, CAPNG_NO_FLAG); + if (ret < 0) { + fprintf(stderr, "error : ret %d\n", ret); +- } else { +- fprintf(stderr, "dropped privs to %s\n", username); + } + } + #else +@@ -623,9 +621,6 @@ droproot(const char *username, const char *chroot_dir) + pcap_strerror(errno)); + exit_tcpdump(1); + } +- else { +- fprintf(stderr, "dropped privs to %s\n", username); +- } + #endif /* HAVE_LIBCAP_NG */ + } + else { +-- +2.13.5 + diff --git a/SOURCES/0007-Introduce-nn-option.patch b/SOURCES/0007-Introduce-nn-option.patch deleted file mode 100644 index 1e64d8b..0000000 --- a/SOURCES/0007-Introduce-nn-option.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 9ea43c6c97d3653cb58c1934f8770b951917bf9a Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Mon, 20 Oct 2014 13:26:38 +0200 -Subject: [PATCH 7/8] Introduce -nn option - -This changes the semantics on -n option so only namelookups are skipped. Port -numbers *are* translated to their string representations. Option -nn then has -the same semantics as -n had originally. ---- - addrtoname.c | 4 ++-- - tcpdump.1.in | 6 +++++- - 2 files changed, 7 insertions(+), 3 deletions(-) - -diff --git a/addrtoname.c b/addrtoname.c -index 949acb7..9dd78d8 100644 ---- a/addrtoname.c -+++ b/addrtoname.c -@@ -810,7 +810,7 @@ init_servarray(netdissect_options *ndo) - - while (table->name) - table = table->nxt; -- if (ndo->ndo_nflag) { -+ if (ndo->ndo_nflag > 1) { - (void)snprintf(buf, sizeof(buf), "%d", port); - table->name = strdup(buf); - } else -@@ -1233,7 +1233,7 @@ init_addrtoname(netdissect_options *ndo, uint32_t localnet, uint32_t mask) - f_localnet = localnet; - f_netmask = mask; - } -- if (ndo->ndo_nflag) -+ if (ndo->ndo_nflag > 1) - /* - * Simplest way to suppress names. - */ -diff --git a/tcpdump.1.in b/tcpdump.1.in -index ca5cff2..c711a24 100644 ---- a/tcpdump.1.in -+++ b/tcpdump.1.in -@@ -547,7 +547,11 @@ Use \fIsecret\fP as a shared secret for validating the digests found in - TCP segments with the TCP-MD5 option (RFC 2385), if present. - .TP - .B \-n --Don't convert addresses (i.e., host addresses, port numbers, etc.) to names. -+Don't convert host addresses to names. This can be used to avoid -+DNS lookups. -+.TP -+.B \-nn -+Don't convert protocol and port numbers etc. to names either. - .TP - .B \-N - Don't print domain name qualification of host names. --- -2.9.3 - diff --git a/SOURCES/0008-Change-P-to-Q-and-print-warning.patch b/SOURCES/0008-Change-P-to-Q-and-print-warning.patch new file mode 100644 index 0000000..a278eb4 --- /dev/null +++ b/SOURCES/0008-Change-P-to-Q-and-print-warning.patch @@ -0,0 +1,107 @@ +From 8a60760db57f496c2f893486f245b40560653ccd Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Mon, 20 Feb 2017 11:01:19 +0100 +Subject: [PATCH 08/13] Change -P to -Q and print warning + +Guy Harris points that -P is already taken by MacOS derived work and +that the only remaining single-letter option is -Q (see GH #252). Fix +some formatting while at it. +--- + tcpdump.1.in | 4 ++-- + tcpdump.c | 23 +++++++++++++---------- + 2 files changed, 15 insertions(+), 12 deletions(-) + +diff --git a/tcpdump.1.in b/tcpdump.1.in +index f233934..88b1266 100644 +--- a/tcpdump.1.in ++++ b/tcpdump.1.in +@@ -74,7 +74,7 @@ tcpdump \- dump traffic on a network + .B \-\-number + ] + [ +-.B \-Q ++.B \-Q|\-P + .I in|out|inout + ] + .ti +8 +@@ -583,7 +583,7 @@ Note that the interface might be in promiscuous + mode for some other reason; hence, `-p' cannot be used as an abbreviation for + `ether host {local-hw-addr} or ether broadcast'. + .TP +-.BI \-Q " direction" ++.BI \-Q|\-P " direction" + .PD 0 + .TP + .BI \-\-direction= direction +diff --git a/tcpdump.c b/tcpdump.c +index e4e0d89..d7b094b 100644 +--- a/tcpdump.c ++++ b/tcpdump.c +@@ -157,7 +157,7 @@ static int Jflag; /* list available time stamp types */ + static int jflag = -1; /* packet time stamp source */ + static int pflag; /* don't go promiscuous */ + #ifdef HAVE_PCAP_SETDIRECTION +-static int Qflag = -1; /* restrict captured packet by send/receive direction */ ++static int PQflag = -1; /* restrict captured packet by send/receive direction */ + #endif + static int Uflag; /* "unbuffered" output of dump files */ + static int Wflag; /* recycle output files after this number of files */ +@@ -509,12 +509,12 @@ show_devices_and_exit (void) + #endif + + #ifdef HAVE_PCAP_SETDIRECTION +-#define Q_FLAG "Q:" ++#define PQ_FLAG "P:Q:" + #else +-#define Q_FLAG ++#define PQ_FLAG + #endif + +-#define SHORTOPTS "aAb" B_FLAG "c:C:d" D_FLAG "eE:fF:G:hHi:" I_FLAG j_FLAG J_FLAG "KlLm:M:nNOpq" Q_FLAG "r:s:StT:u" U_FLAG "vV:w:W:xXy:Yz:Z:#" ++#define SHORTOPTS "aAb" B_FLAG "c:C:d" D_FLAG "eE:fF:G:hHi:" I_FLAG j_FLAG J_FLAG "KlLm:M:nNOpq" PQ_FLAG "r:s:StT:u" U_FLAG "vV:w:W:xXy:Yz:Z:#" + + /* + * Long options. +@@ -1059,8 +1059,8 @@ open_interface(const char *device, netdissect_options *ndo, char *ebuf) + pcap_statustostr(status)); + } + #ifdef HAVE_PCAP_SETDIRECTION +- if (Qflag != -1) { +- status = pcap_setdirection(pc, Qflag); ++ if (PQflag != -1) { ++ status = pcap_setdirection(pc, PQflag); + if (status != 0) + error("%s: pcap_setdirection() failed: %s", + device, pcap_geterr(pc)); +@@ -1343,13 +1343,16 @@ main(int argc, char **argv) + break; + + #ifdef HAVE_PCAP_SETDIRECTION ++ case 'P': ++ fprintf(stderr, "Warning: -P switch is not compatible with the upstream version. You should use -Q instead.\n"); ++ /* Intentional fall through */ + case 'Q': + if (ascii_strcasecmp(optarg, "in") == 0) +- Qflag = PCAP_D_IN; ++ PQflag = PCAP_D_IN; + else if (ascii_strcasecmp(optarg, "out") == 0) +- Qflag = PCAP_D_OUT; ++ PQflag = PCAP_D_OUT; + else if (ascii_strcasecmp(optarg, "inout") == 0) +- Qflag = PCAP_D_INOUT; ++ PQflag = PCAP_D_INOUT; + else + error("unknown capture direction `%s'", optarg); + break; +@@ -2613,7 +2616,7 @@ print_usage(void) + "\t\t[ -i interface ]" j_FLAG_USAGE " [ -M secret ] [ --number ]\n"); + #ifdef HAVE_PCAP_SETDIRECTION + (void)fprintf(stderr, +-"\t\t[ -Q in|out|inout ]\n"); ++"\t\t[ -Q|-P in|out|inout ]\n"); + #endif + (void)fprintf(stderr, + "\t\t[ -r file ] [ -s snaplen ] "); +-- +2.13.5 + diff --git a/SOURCES/0008-Don-t-print-out-we-dropped-root-we-are-always-droppi.patch b/SOURCES/0008-Don-t-print-out-we-dropped-root-we-are-always-droppi.patch deleted file mode 100644 index 2e4551c..0000000 --- a/SOURCES/0008-Don-t-print-out-we-dropped-root-we-are-always-droppi.patch +++ /dev/null @@ -1,36 +0,0 @@ -From d5508c13119404102104a3935e7445c9fddf79b5 Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Fri, 3 Feb 2017 09:43:03 +0100 -Subject: [PATCH 8/8] Don't print out we dropped root, we are always dropping - it - ---- - tcpdump.c | 5 ----- - 1 file changed, 5 deletions(-) - -diff --git a/tcpdump.c b/tcpdump.c -index 29f7f87..18c4a5c 100644 ---- a/tcpdump.c -+++ b/tcpdump.c -@@ -618,8 +618,6 @@ droproot(const char *username, const char *chroot_dir) - int ret = capng_change_id(pw->pw_uid, pw->pw_gid, CAPNG_NO_FLAG); - if (ret < 0) { - fprintf(stderr, "error : ret %d\n", ret); -- } else { -- fprintf(stderr, "dropped privs to %s\n", username); - } - } - #else -@@ -632,9 +630,6 @@ droproot(const char *username, const char *chroot_dir) - pcap_strerror(errno)); - exit_tcpdump(1); - } -- else { -- fprintf(stderr, "dropped privs to %s\n", username); -- } - #endif /* HAVE_LIBCAP_NG */ - } - else { --- -2.9.3 - diff --git a/SOURCES/0009-Change-P-to-Q-and-print-warning.patch b/SOURCES/0009-Change-P-to-Q-and-print-warning.patch deleted file mode 100644 index f443700..0000000 --- a/SOURCES/0009-Change-P-to-Q-and-print-warning.patch +++ /dev/null @@ -1,107 +0,0 @@ -From 3dae043c2a0c4d855719f5f34b6702995c82b7bb Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Mon, 20 Feb 2017 11:01:19 +0100 -Subject: [PATCH] Change -P to -Q and print warning - -Guy Harris points that -P is already taken by MacOS derived work and -that the only remaining single-letter option is -Q (see GH #252). Fix -some formatting while at it. ---- - tcpdump.1.in | 4 ++-- - tcpdump.c | 23 +++++++++++++---------- - 2 files changed, 15 insertions(+), 12 deletions(-) - -diff --git a/tcpdump.1.in b/tcpdump.1.in -index c711a24..10b7542 100644 ---- a/tcpdump.1.in -+++ b/tcpdump.1.in -@@ -74,7 +74,7 @@ tcpdump \- dump traffic on a network - .B \-\-number - ] - [ --.B \-Q -+.B \-Q|\-P - .I in|out|inout - ] - .ti +8 -@@ -586,7 +586,7 @@ Note that the interface might be in promiscuous - mode for some other reason; hence, `-p' cannot be used as an abbreviation for - `ether host {local-hw-addr} or ether broadcast'. - .TP --.BI \-Q " direction" -+.BI \-Q|\-P " direction" - .PD 0 - .TP - .BI \-\-direction= direction -diff --git a/tcpdump.c b/tcpdump.c -index 18c4a5c..816fbe1 100644 ---- a/tcpdump.c -+++ b/tcpdump.c -@@ -157,7 +157,7 @@ static int Jflag; /* list available time stamp types */ - static int jflag = -1; /* packet time stamp source */ - static int pflag; /* don't go promiscuous */ - #ifdef HAVE_PCAP_SETDIRECTION --static int Qflag = -1; /* restrict captured packet by send/receive direction */ -+static int PQflag = -1; /* restrict captured packet by send/receive direction */ - #endif - static int Uflag; /* "unbuffered" output of dump files */ - static int Wflag; /* recycle output files after this number of files */ -@@ -518,12 +518,12 @@ show_devices_and_exit (void) - #endif - - #ifdef HAVE_PCAP_SETDIRECTION --#define Q_FLAG "Q:" -+#define PQ_FLAG "P:Q:" - #else --#define Q_FLAG -+#define PQ_FLAG - #endif - --#define SHORTOPTS "aAb" B_FLAG "c:C:d" D_FLAG "eE:fF:G:hHi:" I_FLAG j_FLAG J_FLAG "KlLm:M:nNOpq" Q_FLAG "r:s:StT:u" U_FLAG "vV:w:W:xXy:Yz:Z:#" -+#define SHORTOPTS "aAb" B_FLAG "c:C:d" D_FLAG "eE:fF:G:hHi:" I_FLAG j_FLAG J_FLAG "KlLm:M:nNOpq" PQ_FLAG "r:s:StT:u" U_FLAG "vV:w:W:xXy:Yz:Z:#" - - /* - * Long options. -@@ -1068,8 +1068,8 @@ open_interface(const char *device, netdissect_options *ndo, char *ebuf) - pcap_statustostr(status)); - } - #ifdef HAVE_PCAP_SETDIRECTION -- if (Qflag != -1) { -- status = pcap_setdirection(pc, Qflag); -+ if (PQflag != -1) { -+ status = pcap_setdirection(pc, PQflag); - if (status != 0) - error("%s: pcap_setdirection() failed: %s", - device, pcap_geterr(pc)); -@@ -1353,13 +1353,16 @@ main(int argc, char **argv) - break; - - #ifdef HAVE_PCAP_SETDIRECTION -+ case 'P': -+ fprintf(stderr, "Warning: -P switch is not compatible with the upstream version. You should use -Q instead.\n"); -+ /* Intentional fall through */ - case 'Q': - if (ascii_strcasecmp(optarg, "in") == 0) -- Qflag = PCAP_D_IN; -+ PQflag = PCAP_D_IN; - else if (ascii_strcasecmp(optarg, "out") == 0) -- Qflag = PCAP_D_OUT; -+ PQflag = PCAP_D_OUT; - else if (ascii_strcasecmp(optarg, "inout") == 0) -- Qflag = PCAP_D_INOUT; -+ PQflag = PCAP_D_INOUT; - else - error("unknown capture direction `%s'", optarg); - break; -@@ -2639,7 +2642,7 @@ print_usage(void) - "\t\t[ -i interface ]" j_FLAG_USAGE " [ -M secret ] [ --number ]\n"); - #ifdef HAVE_PCAP_SETDIRECTION - (void)fprintf(stderr, --"\t\t[ -Q in|out|inout ]\n"); -+"\t\t[ -Q|-P in|out|inout ]\n"); - #endif - (void)fprintf(stderr, - "\t\t[ -r file ] [ -s snaplen ] "); --- -2.9.3 - diff --git a/SOURCES/0009-Change-n-flag-to-nn-in-TESTonce.patch b/SOURCES/0009-Change-n-flag-to-nn-in-TESTonce.patch new file mode 100644 index 0000000..53a9556 --- /dev/null +++ b/SOURCES/0009-Change-n-flag-to-nn-in-TESTonce.patch @@ -0,0 +1,27 @@ +From 04e23aa3f91ff137237daf68f02e7b3c0c1a9168 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Tue, 11 Apr 2017 09:19:48 +0200 +Subject: [PATCH 09/13] Change -n flag to -nn in TESTonce + +We need to change this because we have a different meaning of -n +flag than upstream does. We use -nn in those cases. +--- + tests/TESTonce | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tests/TESTonce b/tests/TESTonce +index 7026624..e348701 100755 +--- a/tests/TESTonce ++++ b/tests/TESTonce +@@ -21,7 +21,7 @@ if ($^O eq 'MSWin32') { + else { + # we used to do this as a nice pipeline, but the problem is that $r fails to + # to be set properly if the tcpdump core dumps. +- $r = system "../tcpdump 2>/dev/null -n -t -r $input $options >NEW/$output"; ++ $r = system "../tcpdump 2>/dev/null -nn -t -r $input $options >NEW/$output"; + if($r != 0) { + # this means tcpdump failed. + open(OUTPUT, ">>"."NEW/$output") || die "fail to open $output\n"; +-- +2.13.5 + diff --git a/SOURCES/0010-Change-n-flag-to-nn-in-TESTonce.patch b/SOURCES/0010-Change-n-flag-to-nn-in-TESTonce.patch deleted file mode 100644 index 3814cd1..0000000 --- a/SOURCES/0010-Change-n-flag-to-nn-in-TESTonce.patch +++ /dev/null @@ -1,27 +0,0 @@ -From a27f780ce55de779c8ce56a8594ef13cefb21fdf Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Tue, 11 Apr 2017 09:19:48 +0200 -Subject: [PATCH 1/3] Change -n flag to -nn in TESTonce - -We need to change this because we have a different meaning of -n -flag than upstream does. We use -nn in those cases. ---- - tests/TESTonce | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tests/TESTonce b/tests/TESTonce -index 78ad075..ad8a471 100755 ---- a/tests/TESTonce -+++ b/tests/TESTonce -@@ -21,7 +21,7 @@ if ($^O eq 'MSWin32') { - else { - # we used to do this as a nice pipeline, but the problem is that $r fails to - # to be set properly if the tcpdump core dumps. -- $r = system "../tcpdump 2>/dev/null -n -r $input $options >NEW/$output"; -+ $r = system "../tcpdump 2>/dev/null -nn -r $input $options >NEW/$output"; - if($r == 0x100) { - # this means tcpdump exited with code 1. - open(OUTPUT, ">>"."NEW/$output") || die "fail to open $output\n"; --- -1.8.3.1 - diff --git a/SOURCES/0010-Expect-miliseconds-instead-of-seconds-in-icmp-captur.patch b/SOURCES/0010-Expect-miliseconds-instead-of-seconds-in-icmp-captur.patch new file mode 100644 index 0000000..72a5f3d --- /dev/null +++ b/SOURCES/0010-Expect-miliseconds-instead-of-seconds-in-icmp-captur.patch @@ -0,0 +1,46 @@ +From 0ae4aa1881bbe40443bff802b5e4aa6ca0696dd9 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Tue, 11 Apr 2017 09:37:53 +0200 +Subject: [PATCH 10/13] Expect miliseconds instead of seconds in icmp capture. + +Again this is caused by our patch, so we need to modify tests +accordingly. +--- + tests/icmpv6.out | 2 +- + tests/icmpv6_opt24-v.out | 4 ++-- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/tests/icmpv6.out b/tests/icmpv6.out +index bb7775e..8979540 100644 +--- a/tests/icmpv6.out ++++ b/tests/icmpv6.out +@@ -1,5 +1,5 @@ + IP6 (hlim 255, next-header ICMPv6 (58) payload length: 176) fe80::b299:28ff:fec8:d66c > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 176 +- hop limit 64, Flags [home agent], pref medium, router lifetime 15s, reachable time 0s, retrans time 0s ++ hop limit 64, Flags [home agent], pref medium, router lifetime 15s, reachable time 0ms, retrans time 0ms + prefix info option (3), length 32 (4): 2222:3333:4444:5555:6600::/72, Flags [onlink, auto], valid time 2592000s, pref. time 604800s + 0x0000: 48c0 0027 8d00 0009 3a80 0000 0000 2222 + 0x0010: 3333 4444 5555 6600 0000 0000 0000 +diff --git a/tests/icmpv6_opt24-v.out b/tests/icmpv6_opt24-v.out +index 2b7cf09..00512df 100644 +--- a/tests/icmpv6_opt24-v.out ++++ b/tests/icmpv6_opt24-v.out +@@ -1,5 +1,5 @@ + IP6 (hlim 255, next-header ICMPv6 (58) payload length: 120) fe80::16cf:92ff:fe87:23d6 > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 120 +- hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0s, retrans time 0s ++ hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0ms, retrans time 0ms + source link-address option (1), length 8 (1): 14:cf:92:87:23:d6 + mtu option (5), length 8 (1): 1500 + prefix info option (3), length 32 (4): fd8d:4fb3:5b2e::/64, Flags [onlink, auto], valid time 7200s, pref. time 1800s +@@ -7,7 +7,7 @@ IP6 (hlim 255, next-header ICMPv6 (58) payload length: 120) fe80::16cf:92ff:fe87 + rdnss option (25), length 24 (3): lifetime 1800s, addr: fd8d:4fb3:5b2e::1 + dnssl option (31), length 16 (2): lifetime 1800s, domain(s): lan. + IP6 (hlim 255, next-header ICMPv6 (58) payload length: 120) fe80::16cf:92ff:fe87:23d6 > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 120 +- hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0s, retrans time 0s ++ hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0ms, retrans time 0ms + source link-address option (1), length 8 (1): 14:cf:92:87:23:d6 + mtu option (5), length 8 (1): 1500 + prefix info option (3), length 32 (4): fd8d:4fb3:5b2e::/64, Flags [onlink, auto], valid time 7200s, pref. time 1800s +-- +2.13.5 + diff --git a/SOURCES/0011-Disable-tests-that-require-newer-version-of-libpcap.patch b/SOURCES/0011-Disable-tests-that-require-newer-version-of-libpcap.patch new file mode 100644 index 0000000..bb4ca4d --- /dev/null +++ b/SOURCES/0011-Disable-tests-that-require-newer-version-of-libpcap.patch @@ -0,0 +1,46 @@ +From 5c2c64adef083164bd4f7227905e7da3ec79a203 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Tue, 11 Apr 2017 09:42:57 +0200 +Subject: [PATCH 11/13] Disable tests that require newer version of libpcap. + +As can be seen from ltrace: +pcap_compile(0x25d4250, 0x7ffc966dcba0, "geneve && tcp", 1, nil) = -1 +these two filters (geneve) cannot be compiled, but it is not a tcpdump +fault. +--- + tests/TESTLIST | 9 +++++---- + 1 file changed, 5 insertions(+), 4 deletions(-) + +diff --git a/tests/TESTLIST b/tests/TESTLIST +index bc35a7e..c0f6aff 100644 +--- a/tests/TESTLIST ++++ b/tests/TESTLIST +@@ -301,8 +301,9 @@ aoe_1-v AoE_Linux.pcap aoe_1-v.out -v + + # Geneve tests + geneve-v geneve.pcap geneve-vv.out -vv +-geneve-vni geneve.pcap geneve-vni.out geneve 0xb +-geneve-tcp geneve.pcap geneve-tcp.out "geneve && tcp" ++# These filters cannot be compiled by our libpcap ++# geneve-vni geneve.pcap geneve-vni.out geneve 0xb ++# geneve-tcp geneve.pcap geneve-tcp.out "geneve && tcp" + + # DHCP tests + dhcp-rfc3004 dhcp-rfc3004.pcap dhcp-rfc3004-v.out -v +@@ -356,11 +357,11 @@ lisp_ipv6_eid lisp_ipv6.pcap lisp_ipv6.out -v + + # pcap invalid versions (first: version = 1.4 ; second: version = 2.5) + pcap-invalid-version-1 pcap-invalid-version-1.pcap pcap-invalid-version-1.out +-pcap-invalid-version-2 pcap-invalid-version-2.pcap pcap-invalid-version-2.out ++# pcap-invalid-version-2 pcap-invalid-version-2.pcap pcap-invalid-version-2.out + + # pcap-ng invalid version (first: version = 0.1 ; second: version = 1.1) + pcap-ng-invalid-vers-1 pcap-ng-invalid-vers-1.pcap pcap-ng-invalid-vers-1.out +-pcap-ng-invalid-vers-2 pcap-ng-invalid-vers-2.pcap pcap-ng-invalid-vers-2.out ++# pcap-ng-invalid-vers-2 pcap-ng-invalid-vers-2.pcap pcap-ng-invalid-vers-2.out + + # NSH over VxLAN-GPE + nsh-over-vxlan-gpe nsh-over-vxlan-gpe.pcap nsh-over-vxlan-gpe.out +-- +2.13.5 + diff --git a/SOURCES/0011-Expect-miliseconds-instead-of-seconds-in-icmp-captur.patch b/SOURCES/0011-Expect-miliseconds-instead-of-seconds-in-icmp-captur.patch deleted file mode 100644 index 05ab05c..0000000 --- a/SOURCES/0011-Expect-miliseconds-instead-of-seconds-in-icmp-captur.patch +++ /dev/null @@ -1,46 +0,0 @@ -From 64c07ad272eef3a781792059a584b220974eeedb Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Tue, 11 Apr 2017 09:37:53 +0200 -Subject: [PATCH 2/3] Expect miliseconds instead of seconds in icmp capture. - -Again this is caused by our patch, so we need to modify tests -accordingly. ---- - tests/icmpv6.out | 2 +- - tests/icmpv6_opt24-v.out | 4 ++-- - 2 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/tests/icmpv6.out b/tests/icmpv6.out -index bb7775e..8979540 100644 ---- a/tests/icmpv6.out -+++ b/tests/icmpv6.out -@@ -1,5 +1,5 @@ - IP6 (hlim 255, next-header ICMPv6 (58) payload length: 176) fe80::b299:28ff:fec8:d66c > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 176 -- hop limit 64, Flags [home agent], pref medium, router lifetime 15s, reachable time 0s, retrans time 0s -+ hop limit 64, Flags [home agent], pref medium, router lifetime 15s, reachable time 0ms, retrans time 0ms - prefix info option (3), length 32 (4): 2222:3333:4444:5555:6600::/72, Flags [onlink, auto], valid time 2592000s, pref. time 604800s - 0x0000: 48c0 0027 8d00 0009 3a80 0000 0000 2222 - 0x0010: 3333 4444 5555 6600 0000 0000 0000 -diff --git a/tests/icmpv6_opt24-v.out b/tests/icmpv6_opt24-v.out -index 2b7cf09..00512df 100644 ---- a/tests/icmpv6_opt24-v.out -+++ b/tests/icmpv6_opt24-v.out -@@ -1,5 +1,5 @@ - IP6 (hlim 255, next-header ICMPv6 (58) payload length: 120) fe80::16cf:92ff:fe87:23d6 > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 120 -- hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0s, retrans time 0s -+ hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0ms, retrans time 0ms - source link-address option (1), length 8 (1): 14:cf:92:87:23:d6 - mtu option (5), length 8 (1): 1500 - prefix info option (3), length 32 (4): fd8d:4fb3:5b2e::/64, Flags [onlink, auto], valid time 7200s, pref. time 1800s -@@ -7,7 +7,7 @@ IP6 (hlim 255, next-header ICMPv6 (58) payload length: 120) fe80::16cf:92ff:fe87 - rdnss option (25), length 24 (3): lifetime 1800s, addr: fd8d:4fb3:5b2e::1 - dnssl option (31), length 16 (2): lifetime 1800s, domain(s): lan. - IP6 (hlim 255, next-header ICMPv6 (58) payload length: 120) fe80::16cf:92ff:fe87:23d6 > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 120 -- hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0s, retrans time 0s -+ hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0ms, retrans time 0ms - source link-address option (1), length 8 (1): 14:cf:92:87:23:d6 - mtu option (5), length 8 (1): 1500 - prefix info option (3), length 32 (4): fd8d:4fb3:5b2e::/64, Flags [onlink, auto], valid time 7200s, pref. time 1800s --- -1.8.3.1 - diff --git a/SOURCES/0012-Disable-tests-that-require-newer-version-of-libpcap.patch b/SOURCES/0012-Disable-tests-that-require-newer-version-of-libpcap.patch deleted file mode 100644 index f0437bd..0000000 --- a/SOURCES/0012-Disable-tests-that-require-newer-version-of-libpcap.patch +++ /dev/null @@ -1,46 +0,0 @@ -From 453bdd1bd7cb6f713b56829ae6a728df8c621df0 Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Tue, 11 Apr 2017 09:42:57 +0200 -Subject: [PATCH 3/3] Disable tests that require newer version of libpcap. - -As can be seen from ltrace: -pcap_compile(0x25d4250, 0x7ffc966dcba0, "geneve && tcp", 1, nil) = -1 -these two filters (geneve) cannot be compiled, but it is not a tcpdump -fault. ---- - tests/TESTLIST | 9 +++++---- - 1 file changed, 5 insertions(+), 4 deletions(-) - -diff --git a/tests/TESTLIST b/tests/TESTLIST -index ba29da4..0a1e2f1 100644 ---- a/tests/TESTLIST -+++ b/tests/TESTLIST -@@ -300,8 +300,9 @@ aoe_1-v AoE_Linux.pcap aoe_1-v.out -t -v - - # Geneve tests - geneve-v geneve.pcap geneve-vv.out -t -vv --geneve-vni geneve.pcap geneve-vni.out -t geneve 0xb --geneve-tcp geneve.pcap geneve-tcp.out -t "geneve && tcp" -+# These filters cannot be compiled by our libpcap -+# geneve-vni geneve.pcap geneve-vni.out -t geneve 0xb -+# geneve-tcp geneve.pcap geneve-tcp.out -t "geneve && tcp" - - # DHCP tests - dhcp-rfc3004 dhcp-rfc3004.pcap dhcp-rfc3004-v.out -t -v -@@ -355,11 +356,11 @@ lisp_ipv6_eid lisp_ipv6.pcap lisp_ipv6.out -t -v - - # pcap invalid versions (first: version = 1.4 ; second: version = 2.5) - pcap-invalid-version-1 pcap-invalid-version-1.pcap pcap-invalid-version-1.out -t --pcap-invalid-version-2 pcap-invalid-version-2.pcap pcap-invalid-version-2.out -t -+# pcap-invalid-version-2 pcap-invalid-version-2.pcap pcap-invalid-version-2.out -t - - # pcap-ng invalid version (first: version = 0.1 ; second: version = 1.1) - pcap-ng-invalid-vers-1 pcap-ng-invalid-vers-1.pcap pcap-ng-invalid-vers-1.out -t --pcap-ng-invalid-vers-2 pcap-ng-invalid-vers-2.pcap pcap-ng-invalid-vers-2.out -t -+# pcap-ng-invalid-vers-2 pcap-ng-invalid-vers-2.pcap pcap-ng-invalid-vers-2.out -t - - # NSH over VxLAN-GPE - nsh-over-vxlan-gpe nsh-over-vxlan-gpe.pcap nsh-over-vxlan-gpe.out -t --- -1.8.3.1 - diff --git a/SOURCES/0012-Make-default-capture-buffer-size-bigger.patch b/SOURCES/0012-Make-default-capture-buffer-size-bigger.patch new file mode 100644 index 0000000..d1b938d --- /dev/null +++ b/SOURCES/0012-Make-default-capture-buffer-size-bigger.patch @@ -0,0 +1,39 @@ +From 41d5020151d21ff0609a4c4173ef2a8ae41f754d Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Tue, 9 May 2017 10:17:42 +0200 +Subject: [PATCH 12/13] Make default capture buffer size bigger. + +--- + tcpdump.c | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +diff --git a/tcpdump.c b/tcpdump.c +index d7b094b..a54a42c 100644 +--- a/tcpdump.c ++++ b/tcpdump.c +@@ -130,6 +130,7 @@ The Regents of the University of California. All rights reserved.\n"; + #endif + + static int Bflag; /* buffer size */ ++#define DEFAULT_CAPTURE_BUFFER_SIZE 4*1024*1024 + static long Cflag; /* rotate dump files after this many bytes */ + static int Cflag_count; /* Keep track of which file number we're writing */ + static int Dflag; /* list available devices and exit */ +@@ -1011,7 +1012,13 @@ open_interface(const char *device, netdissect_options *ndo, char *ebuf) + if (status != 0) + error("%s: Can't set buffer size: %s", + device, pcap_statustostr(status)); +- } ++ } else { ++ Bflag = DEFAULT_CAPTURE_BUFFER_SIZE; ++ status = pcap_set_buffer_size(pc, Bflag); ++ if (status != 0) ++ fprintf(stderr, "Can't set buffer size to %d, using system default.\n", DEFAULT_CAPTURE_BUFFER_SIZE); ++ } ++ + #ifdef HAVE_PCAP_SET_TSTAMP_TYPE + if (jflag != -1) { + status = pcap_set_tstamp_type(pc, jflag); +-- +2.13.5 + diff --git a/SOURCES/0013-Add-printing-support-for-vsockmon-devices.patch b/SOURCES/0013-Add-printing-support-for-vsockmon-devices.patch new file mode 100644 index 0000000..0808c3e --- /dev/null +++ b/SOURCES/0013-Add-printing-support-for-vsockmon-devices.patch @@ -0,0 +1,318 @@ +From 66a5b93dee386bc2f57033a150341752923b8b41 Mon Sep 17 00:00:00 2001 +From: Gerard Garcia +Date: Tue, 14 Jun 2016 16:45:44 +0200 +Subject: [PATCH 13/13] Add printing support for vsockmon devices. + +Print Linux 4.12 vsockmon captures: + + # modprobe vsockmon + # ip link add type vsockmon + # ip link set vsockmon0 up + # tcpdump -i vsockmon0 + 16:25:24.987917 VIRTIO 3.1025 > 2.1234 CONNECT, length 76 + 16:25:24.987963 VIRTIO 2.1234 > 3.1025 CONNECT, length 76 + 16:25:26.568271 VIRTIO 3.1025 > 2.1234 PAYLOAD, length 82 + 16:25:26.568512 VIRTIO 2.1234 > 3.1025 CONTROL, length 76 + 16:25:28.411335 VIRTIO 3.1025 > 2.1234 DISCONNECT, length 76 + 16:25:28.411628 VIRTIO 2.1234 > 3.1025 DISCONNECT, length 76 + +For more information about vsock see: +http://wiki.qemu.org/Features/VirtioVsock +--- + Makefile.in | 1 + + netdissect.h | 1 + + print-vsock.c | 243 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + print.c | 3 + + 4 files changed, 248 insertions(+) + create mode 100644 print-vsock.c + +diff --git a/Makefile.in b/Makefile.in +index 0941f0e..a301878 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -226,6 +226,7 @@ LIBNETDISSECT_SRC=\ + print-vjc.c \ + print-vqp.c \ + print-vrrp.c \ ++ print-vsock.c \ + print-vtp.c \ + print-vxlan.c \ + print-vxlan-gpe.c \ +diff --git a/netdissect.h b/netdissect.h +index 089b040..c89fcf1 100644 +--- a/netdissect.h ++++ b/netdissect.h +@@ -444,6 +444,7 @@ extern u_int symantec_if_print IF_PRINTER_ARGS; + extern u_int token_if_print IF_PRINTER_ARGS; + extern u_int usb_linux_48_byte_print IF_PRINTER_ARGS; + extern u_int usb_linux_64_byte_print IF_PRINTER_ARGS; ++extern u_int vsock_print IF_PRINTER_ARGS; + + /* + * Structure passed to some printers to allow them to print +diff --git a/print-vsock.c b/print-vsock.c +new file mode 100644 +index 0000000..fc5694d +--- /dev/null ++++ b/print-vsock.c +@@ -0,0 +1,243 @@ ++/* ++ * Copyright (c) 2016 Gerard Garcia ++ * Copyright (c) 2017 Red Hat, Inc. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * 3. The names of the authors may not be used to endorse or promote ++ * products derived from this software without specific prior ++ * written permission. ++ * ++ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR ++ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED ++ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. ++ */ ++ ++/* \summary: Linux vsock printer */ ++ ++#ifdef HAVE_CONFIG_H ++#include "config.h" ++#endif ++ ++#include ++#include ++ ++#include "netdissect.h" ++#include "extract.h" ++ ++static const char tstr[] = " [|vsock]"; ++ ++enum af_vsockmon_transport { ++ AF_VSOCK_TRANSPORT_UNKNOWN = 0, ++ AF_VSOCK_TRANSPORT_NO_INFO = 1, /* No transport information */ ++ AF_VSOCK_TRANSPORT_VIRTIO = 2, /* Virtio transport header */ ++}; ++ ++static const struct tok vsock_transport[] = { ++ {AF_VSOCK_TRANSPORT_UNKNOWN, "UNKNOWN"}, ++ {AF_VSOCK_TRANSPORT_NO_INFO, "NO_INFO"}, ++ {AF_VSOCK_TRANSPORT_VIRTIO, "VIRTIO"}, ++ { 0, NULL } ++}; ++ ++enum af_vsockmon_op { ++ AF_VSOCK_OP_UNKNOWN = 0, ++ AF_VSOCK_OP_CONNECT = 1, ++ AF_VSOCK_OP_DISCONNECT = 2, ++ AF_VSOCK_OP_CONTROL = 3, ++ AF_VSOCK_OP_PAYLOAD = 4, ++}; ++ ++static const struct tok vsock_op[] = { ++ {AF_VSOCK_OP_UNKNOWN, "UNKNOWN"}, ++ {AF_VSOCK_OP_CONNECT, "CONNECT"}, ++ {AF_VSOCK_OP_DISCONNECT, "DISCONNECT"}, ++ {AF_VSOCK_OP_CONTROL, "CONTROL"}, ++ {AF_VSOCK_OP_PAYLOAD, "PAYLOAD"}, ++ { 0, NULL } ++}; ++ ++enum virtio_vsock_type { ++ VIRTIO_VSOCK_TYPE_STREAM = 1, ++}; ++ ++static const struct tok virtio_type[] = { ++ {VIRTIO_VSOCK_TYPE_STREAM, "STREAM"}, ++ { 0, NULL } ++}; ++ ++enum virtio_vsock_op { ++ VIRTIO_VSOCK_OP_INVALID = 0, ++ VIRTIO_VSOCK_OP_REQUEST = 1, ++ VIRTIO_VSOCK_OP_RESPONSE = 2, ++ VIRTIO_VSOCK_OP_RST = 3, ++ VIRTIO_VSOCK_OP_SHUTDOWN = 4, ++ VIRTIO_VSOCK_OP_RW = 5, ++ VIRTIO_VSOCK_OP_CREDIT_UPDATE = 6, ++ VIRTIO_VSOCK_OP_CREDIT_REQUEST = 7, ++}; ++ ++static const struct tok virtio_op[] = { ++ {VIRTIO_VSOCK_OP_INVALID, "INVALID"}, ++ {VIRTIO_VSOCK_OP_REQUEST, "REQUEST"}, ++ {VIRTIO_VSOCK_OP_RESPONSE, "RESPONSE"}, ++ {VIRTIO_VSOCK_OP_RST, "RST"}, ++ {VIRTIO_VSOCK_OP_SHUTDOWN, "SHUTDOWN"}, ++ {VIRTIO_VSOCK_OP_RW, "RW"}, ++ {VIRTIO_VSOCK_OP_CREDIT_UPDATE, "CREDIT UPDATE"}, ++ {VIRTIO_VSOCK_OP_CREDIT_REQUEST, "CREDIT REQUEST"}, ++ { 0, NULL } ++}; ++ ++/* All fields are little-endian */ ++ ++struct virtio_vsock_hdr { ++ uint64_t src_cid; ++ uint64_t dst_cid; ++ uint32_t src_port; ++ uint32_t dst_port; ++ uint32_t len; ++ uint16_t type; /* enum virtio_vsock_type */ ++ uint16_t op; /* enum virtio_vsock_op */ ++ uint32_t flags; ++ uint32_t buf_alloc; ++ uint32_t fwd_cnt; ++} UNALIGNED; ++ ++struct af_vsockmon_hdr { ++ uint64_t src_cid; ++ uint64_t dst_cid; ++ uint32_t src_port; ++ uint32_t dst_port; ++ uint16_t op; /* enum af_vsockmon_op */ ++ uint16_t transport; /* enum af_vosckmon_transport */ ++ uint16_t len; /* size of transport header */ ++ uint8_t reserved[2]; ++}; ++ ++static void ++vsock_virtio_hdr_print(netdissect_options *ndo, const struct virtio_vsock_hdr *hdr) ++{ ++ uint16_t u16_v; ++ uint32_t u32_v; ++ ++ u32_v = EXTRACT_LE_32BITS(&hdr->len); ++ ND_PRINT((ndo, "len %u", u32_v)); ++ ++ u16_v = EXTRACT_LE_16BITS(&hdr->type); ++ ND_PRINT((ndo, ", type %s", ++ tok2str(virtio_type, "Invalid type (%hu)", u16_v))); ++ ++ u16_v = EXTRACT_LE_16BITS(&hdr->op); ++ ND_PRINT((ndo, ", op %s", ++ tok2str(virtio_op, "Invalid op (%hu)", u16_v))); ++ ++ u32_v = EXTRACT_LE_32BITS(&hdr->flags); ++ ND_PRINT((ndo, ", flags %x", u32_v)); ++ ++ u32_v = EXTRACT_LE_32BITS(&hdr->buf_alloc); ++ ND_PRINT((ndo, ", buf_alloc %u", u32_v)); ++ ++ u32_v = EXTRACT_LE_32BITS(&hdr->fwd_cnt); ++ ND_PRINT((ndo, ", fwd_cnt %u", u32_v)); ++} ++ ++static size_t ++vsock_transport_hdr_size(uint16_t transport) ++{ ++ switch (transport) { ++ case AF_VSOCK_TRANSPORT_VIRTIO: ++ return sizeof(struct virtio_vsock_hdr); ++ default: ++ return 0; ++ } ++} ++ ++static void ++vsock_transport_hdr_print(netdissect_options *ndo, uint16_t transport, ++ const u_char *p, const u_int len) ++{ ++ size_t transport_size = vsock_transport_hdr_size(transport); ++ const void *hdr; ++ ++ if (len < sizeof(struct af_vsockmon_hdr) + transport_size) ++ return; ++ ++ hdr = p + sizeof(struct af_vsockmon_hdr); ++ switch (transport) { ++ case AF_VSOCK_TRANSPORT_VIRTIO: ++ ND_PRINT((ndo, " (")); ++ vsock_virtio_hdr_print(ndo, hdr); ++ ND_PRINT((ndo, ")")); ++ break; ++ default: ++ break; ++ } ++} ++ ++static void ++vsock_hdr_print(netdissect_options *ndo, const u_char *p, const u_int len) ++{ ++ uint16_t hdr_transport, hdr_op; ++ uint32_t hdr_src_port, hdr_dst_port; ++ uint64_t hdr_src_cid, hdr_dst_cid; ++ size_t total_hdr_size; ++ ++ const struct af_vsockmon_hdr *hdr = (struct af_vsockmon_hdr *)p; ++ ++ hdr_transport = EXTRACT_LE_16BITS(&hdr->transport); ++ ND_PRINT((ndo, "%s", ++ tok2str(vsock_transport, "Invalid transport (%u)", ++ hdr_transport))); ++ ++ /* If verbose level is more than 0 print transport details */ ++ if (ndo->ndo_vflag) { ++ vsock_transport_hdr_print(ndo, hdr_transport, p, len); ++ ND_PRINT((ndo, "\n\t")); ++ } else ++ ND_PRINT((ndo, " ")); ++ ++ hdr_src_cid = EXTRACT_LE_64BITS(&hdr->src_cid); ++ hdr_dst_cid = EXTRACT_LE_64BITS(&hdr->dst_cid); ++ hdr_src_port = EXTRACT_LE_32BITS(&hdr->src_port); ++ hdr_dst_port = EXTRACT_LE_32BITS(&hdr->dst_port); ++ hdr_op = EXTRACT_LE_16BITS(&hdr->op); ++ ND_PRINT((ndo, "%lu.%hu > %lu.%hu %s, length %u", ++ hdr_src_cid, hdr_src_port, ++ hdr_dst_cid, hdr_dst_port, ++ tok2str(vsock_op, " invalid op (%u)", hdr_op), ++ len)); ++ ++ /* If debug level is more than 1 print payload contents */ ++ total_hdr_size = sizeof(struct af_vsockmon_hdr) + ++ vsock_transport_hdr_size(hdr_transport); ++ if (ndo->ndo_vflag > 1 && ++ hdr_op == AF_VSOCK_OP_PAYLOAD && ++ len > total_hdr_size) { ++ const u_char *payload = p + total_hdr_size; ++ ++ ND_PRINT((ndo, "\n")); ++ print_unknown_data(ndo, payload, "\t", len - total_hdr_size); ++ } ++} ++ ++u_int ++vsock_print(netdissect_options *ndo, const struct pcap_pkthdr *h, const u_char *cp) ++{ ++ u_int len = h->len; ++ ++ if (len < sizeof(struct af_vsockmon_hdr)) ++ ND_PRINT((ndo, "%s", tstr)); ++ else ++ vsock_hdr_print(ndo, cp, len); ++ ++ return len; ++} +diff --git a/print.c b/print.c +index c76f344..1945cfd 100644 +--- a/print.c ++++ b/print.c +@@ -220,6 +220,9 @@ static const struct printer printers[] = { + #ifdef DLT_PPP_SERIAL + { ppp_hdlc_if_print, DLT_PPP_SERIAL }, + #endif ++#ifdef DLT_VSOCK ++ { vsock_print, DLT_VSOCK }, ++#endif + { NULL, 0 }, + }; + +-- +2.13.5 + diff --git a/SOURCES/0013-Make-default-capture-buffer-size-bigger.patch b/SOURCES/0013-Make-default-capture-buffer-size-bigger.patch deleted file mode 100644 index 3bc0ed5..0000000 --- a/SOURCES/0013-Make-default-capture-buffer-size-bigger.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 65cf72e5f47449ef053c099126949431e1d4d50b Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Tue, 9 May 2017 10:17:42 +0200 -Subject: [PATCH] Make default capture buffer size bigger. - ---- - tcpdump.c | 8 +++++++- - 1 file changed, 7 insertions(+), 1 deletion(-) - -diff --git a/tcpdump.c b/tcpdump.c -index c7e2ebd..d0def76 100644 ---- a/tcpdump.c -+++ b/tcpdump.c -@@ -130,6 +130,7 @@ The Regents of the University of California. All rights reserved.\n"; - #endif - - static int Bflag; /* buffer size */ -+#define DEFAULT_CAPTURE_BUFFER_SIZE 4*1024*1024 - static int Cflag; /* rotate dump files after this many bytes */ - static int Cflag_count; /* Keep track of which file number we're writing */ - static int Dflag; /* list available devices and exit */ -@@ -1020,7 +1021,12 @@ open_interface(const char *device, netdissect_options *ndo, char *ebuf) - if (status != 0) - error("%s: Can't set buffer size: %s", - device, pcap_statustostr(status)); -- } -+ } else { -+ Bflag = DEFAULT_CAPTURE_BUFFER_SIZE; -+ status = pcap_set_buffer_size(pc, Bflag); -+ if (status != 0) -+ fprintf(stderr, "Can't set buffer size to %d, using system default.\n", DEFAULT_CAPTURE_BUFFER_SIZE); -+ } - #ifdef HAVE_PCAP_SET_TSTAMP_TYPE - if (jflag != -1) { - status = pcap_set_tstamp_type(pc, jflag); --- -2.9.3 - diff --git a/SOURCES/0014-Disable-test-with-unsupported-link-type.patch b/SOURCES/0014-Disable-test-with-unsupported-link-type.patch new file mode 100644 index 0000000..3422710 --- /dev/null +++ b/SOURCES/0014-Disable-test-with-unsupported-link-type.patch @@ -0,0 +1,26 @@ +From b7a5a890eb36c562ed0a5196985120348b35b4e0 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Thu, 14 Sep 2017 12:56:02 +0200 +Subject: [PATCH] Disable test with unsupported link type + +--- + tests/TESTLIST | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/tests/TESTLIST b/tests/TESTLIST +index c0f6aff..0c4c2c9 100644 +--- a/tests/TESTLIST ++++ b/tests/TESTLIST +@@ -503,7 +503,8 @@ juniper_es juniper_es.pcap juniper_es.out -vvv -e + + # bad packets from Yannick Formaggio + l2tp-avp-overflow l2tp-avp-overflow.pcap l2tp-avp-overflow.out -v +-pktap-heap-overflow pktap-heap-overflow.pcap pktap-heap-overflow.out -v ++# This link type is not supported by RHEL7's libpcap ++# pktap-heap-overflow pktap-heap-overflow.pcap pktap-heap-overflow.out -v + wb-oobr wb-oobr.pcap wb-oobr.out -v + + # bad packets from Bhargava Shastry +-- +2.13.5 + diff --git a/SPECS/tcpdump.spec b/SPECS/tcpdump.spec index 63cdd6c..bc45130 100644 --- a/SPECS/tcpdump.spec +++ b/SPECS/tcpdump.spec @@ -1,30 +1,32 @@ Summary: A network traffic monitoring tool Name: tcpdump Epoch: 14 -Version: 4.9.0 -Release: 5%{?dist} +Version: 4.9.2 +Release: 3%{?dist} License: BSD with advertising URL: http://www.tcpdump.org Group: Applications/Internet Requires(pre): shadow-utils -BuildRequires: automake sharutils openssl-devel libcap-ng-devel libpcap-devel git +Requires: libpcap >= 14:1.5.3-10 +BuildRequires: automake sharutils openssl-devel libcap-ng-devel libpcap-devel git Source0: http://www.tcpdump.org/release/%{name}-%{version}.tar.gz Source1: ftp://ftp.ee.lbl.gov/tcpslice-1.2a3.tar.gz -Patch0001: 0001-icmp6-print-Reachable-Time-and-Retransmit-Time-from-.patch -Patch0002: 0002-Use-getnameinfo-instead-of-gethostbyaddr.patch -# Patch 0003 removed -Patch0004: 0004-tcpslice-update-tcpslice-patch-to-1.2a3.patch -Patch0005: 0005-tcpslice-remove-unneeded-include.patch -Patch0006: 0006-tcpslice-don-t-test-the-pointer-but-pointee-for-NULL.patch -Patch0007: 0007-Introduce-nn-option.patch -Patch0008: 0008-Don-t-print-out-we-dropped-root-we-are-always-droppi.patch -Patch0009: 0009-Change-P-to-Q-and-print-warning.patch -Patch0010: 0010-Change-n-flag-to-nn-in-TESTonce.patch -Patch0011: 0011-Expect-miliseconds-instead-of-seconds-in-icmp-captur.patch -Patch0012: 0012-Disable-tests-that-require-newer-version-of-libpcap.patch -Patch0013: 0013-Make-default-capture-buffer-size-bigger.patch +Patch0001: 0001-icmp6-print-Reachable-Time-and-Retransmit-Time-from-.patch +Patch0002: 0002-Use-getnameinfo-instead-of-gethostbyaddr.patch +Patch0003: 0003-tcpslice-update-tcpslice-patch-to-1.2a3.patch +Patch0004: 0004-tcpslice-remove-unneeded-include.patch +Patch0005: 0005-tcpslice-don-t-test-the-pointer-but-pointee-for-NULL.patch +Patch0006: 0006-Introduce-nn-option.patch +Patch0007: 0007-Don-t-print-out-we-dropped-root-we-are-always-droppi.patch +Patch0008: 0008-Change-P-to-Q-and-print-warning.patch +Patch0009: 0009-Change-n-flag-to-nn-in-TESTonce.patch +Patch0010: 0010-Expect-miliseconds-instead-of-seconds-in-icmp-captur.patch +Patch0011: 0011-Disable-tests-that-require-newer-version-of-libpcap.patch +Patch0012: 0012-Make-default-capture-buffer-size-bigger.patch +Patch0013: 0013-Add-printing-support-for-vsockmon-devices.patch +Patch0014: 0014-Disable-test-with-unsupported-link-type.patch %define tcpslice_dir tcpslice-1.2a3 @@ -87,6 +89,18 @@ exit 0 %{_mandir}/man8/tcpdump.8* %changelog +* Wed Nov 15 2017 Michal Ruprich - 14:4.9.2-3 +- Related: rhbz#1464390; build against latest libpcap + +* Mon Nov 13 2017 Michal Ruprich - 14:4.9.2-2 +- Related: rhbz#1464390; added dependency on libpcap-14:1.5.3-10 due to vsockmon support + +* Thu Sep 14 2017 Martin Sehnoutka - 14:4.9.2-1 +- Resolves: rhbz#1490842; Rebase to 4.9.2 version + +* Tue Aug 15 2017 Martin Sehnoutka - 14:4.9.0-6 +- Resolves: rhbz#1464390; Add printing support for vsockmon devices + * Tue May 09 2017 Martin Sehnoutka - 14:4.9.0-5 - Resolves: #1441597; use bigger capture buffer than in upstream