commit 7fe0837c0258e7e0a537b90b4f506c159d749e7a Author: Carsten Larsen Date: Fri May 5 20:50:10 2017 +0200 Initial commit diff --git a/CHANGES b/CHANGES new file mode 100755 index 0000000..2617f51 --- /dev/null +++ b/CHANGES @@ -0,0 +1,716 @@ +$Header: /Users/olsen/Code/cvs2svn-2010/os4-cvs-repository/contrib/roadshow/client-software/tcpdump-3.8.1/CHANGES,v 1.2 2004-09-22 15:40:54 olsen Exp $ + +Wed. November 12, 2003. mcr@sandelman.ottawa.on.ca. Summary for 3.8 release + + changed syntax of -E argument so that multiple SAs can be decrypted + fixes for Digital Unix headers and Documentation + __attribute__ fixes + CDP changes from Terry Kennedy . + IPv6 mobility updates from Kazushi Sugyo + Fixes for ASN.1 decoder for 2.100.3 forms. + Added a count of packets received and processed to clarify numbers. + Incorporated WinDUMP patches for Win32 builds. + PPPoE payload length headers. + Fixes for HP C compiler builds. + Use new pcap_breakloop() and pcap_findalldevs() if we can. + BGP output split into multiple lines. + Fixes to 802.11 decoding. + Fixes to PIM decoder. + SuperH is a CPU that can't handle unaligned access. Many fixes for + unaligned access work. + Fixes to Frame-Relay decoder for Q.933/922 frames. + Clarified when Solaris can do captures as non-root. + Added tests/ subdir for examples/regression tests. + New -U flag. -flush stdout after every packet + New -A flag -print ascii only + support for decoding IS-IS inside Cisco HDLC Frames + more verbosity for tftp decoder + mDNS decoder + new BFD decoder + cross compilation patches + RFC 3561 AODV support. + UDP/TCP pseudo-checksum properly for source-route options. + sanitized all files to modified BSD license + Add support for RFC 2625 IP-over-Fibre Channel. + fixes for DECnet support. + Support RFC 2684 bridging of Ethernet, 802.5 Token Ring, and FDDI. + RFC 2684 encapsulation of BPDUs. + +Tuesday, February 25, 2003. fenner@research.att.com. 3.7.2 release + + Fixed infinite loop when parsing malformed isakmp packets. + (reported by iDefense; already fixed in CVS) + Fixed infinite loop when parsing malformed BGP packets. + Fixed buffer overflow with certain malformed NFS packets. + Pretty-print unprintable network names in 802.11 printer. + Handle truncated nbp (appletalk) packets. + Updated DHCPv6 printer to match draft-ietf-dhc-dhcpv6-22.txt + Print IP protocol name even if we don't have a printer for it. + Print IP protocol name or number for fragments. + Print the whole MPLS label stack, not just the top label. + Print request header and file handle for NFS v3 FSINFO and PATHCONF + requests. + Fix NFS packet truncation checks. + Handle "old" DR-Priority and Bidir-Capable PIM HELLO options. + Handle unknown RADIUS attributes properly. + Fix an ASN.1 parsing error that would cause e.g. the OID + 2.100.3 to be misrepresented as 4.20.3 . + +Monday, January 21, 2002. mcr@sandelman.ottawa.on.ca. Summary for 3.7 release +see http://www.tcpdump.org/cvs-log/2002-01-21.10:16:48.html for commit log. + keyword "ipx" added. + Better OSI/802.2 support on Linux. + IEEE 802.11 support, from clenahan@fortresstech.com, achirica@ttd.net. + LLC SAP support for FDDI/token ring/RFC-1483 style ATM + BXXP protocol was replaced by the BEEP protocol; + improvements to SNAP demux. + Changes to "any" interface documentation. + Documentation on pcap_stats() counters. + Fix a memory leak found by Miklos Szeredi - pcap_ether_aton(). + Added MPLS encapsulation decoding per RFC3032. + DNS dissector handles TKEY, TSIG and IXFR. + adaptive SLIP interface patch from Igor Khristophorov + SMB printing has much improved bounds checks + OUI 0x0000f8 decoded as encapsulated ethernet for Cisco-custom bridging + Zephyr support, from Nickolai Zeldovich . + Solaris - devices with digits in them. Stefan Hudson + IPX socket 0x85be is for Cisco EIGRP over IPX. + Improvements to fragmented ESP handling. + SCTP support from Armando L. Caro Jr. + Linux ARPHDR_ATM support fixed. + Added a "netbeui" keyword, which selects NetBEUI packets. + IPv6 ND improvements, MobileIP dissector, 2292bis-02 for RA option. + Handle ARPHDR_HDLC from Marcus Felipe Pereira . + Handle IPX socket 0x553 -> NetBIOS-over-IPX socket, "nwlink-dgm" + Better Linux libc5 compat. + BIND9 lwres dissector added. + MIPS and SPARC get strict alignment macros (affects print-bgp.c) + Apple LocalTalk LINKTYPE_ reserved. + New time stamp formats documented. + DHCP6 updated to draft-22.txt spec. + ICMP types/codes now accept symbolic names. + Add SIGINFO handler from LBL + encrypted CIPE tunnels in IRIX, from Franz Schaefer . + now we are -Wstrict-prototype clean. + NetBSD DLT_PPP_ETHER; adapted from Martin Husemann . + PPPoE dissector cleaned up. + Support for LocalTalk hardware, from Uns Lider . + In dissector, now the caller prints the IP addresses rather than proto. + cjclark@alum.mit.edu: print the IP proto for non-initial fragments. + LLC frames with a DSAP and LSAP of 0xe0 are IPX frames. + Linux cooked frames with a type value of LINUX_SLL_P_802_3 are IPX. + captures on the "any" device won't be done in promiscuous mode + Token Ring support on DLPI - Onno van der Linden + ARCNet support, from NetBSD. + HSRP dissector, from Julian Cowley . + Handle (GRE-encapsulated) PPTP + added -C option to rotate save file every optarg * 1,000,000 bytes. + support for "vrrp" name - NetBSD, by Klaus Klein . + PPTP support, from Motonori Shindo . + IS-IS over PPP support, from Hannes Gredler . + CNFP support for IPv6,format. Harry Raaymakers . + ESP printing updated to RFC2406. + HP-UX can now handle large number of PPAs. + MSDP printer added. + L2TP dissector improvements from Motonori Shindo. + +Tuesday January 9, 2001. mcr@sandelman.ottawa.on.ca. Summary for 3.6 release + Cleaned up documentation. + Promisc mode fixes for Linux + IPsec changes/cleanups. + Alignment fixes for picky architectures + + Removed dependency on native headers for packet dissectors. + Removed Linux specific headers that were shipped + + libpcap changes provide for exchanging capture files between + systems. Save files now have well known PACKET_ values instead of + depending upon system dependant mappings of DLT_* types. + + Support for computing/checking IP and UDP/TCP checksums. + + Updated autoconf stock files. + + IPv6 improvements: dhcp (draft-15), mobile-ip6, ppp, ospf6, + + Added dissector support for: ISOCLNS, Token Ring, IGMPv3, bxxp, + timed, vrrp, radius, chdlc, cnfp, cdp, IEEE802.1d, raw-AppleTalk + + Added filtering support for: VLANs, ESIS, ISIS + + Improvements to: print-telnet, IPTalk, bootp/dhcp, ECN, PPP, + L2TP, PPPoE + + HP-UX 11.0 -- find the right dlpi device. + Solaris 8 - IPv6 works + Linux - Added support for an "any" device to capture on all interfaces + + Security fixes: buffer overrun audit done. Strcpy replaced with + strlcpy, sprintf replaced with snprintf. + Look for lex problems, and warn about them. + + +v3.5 Fri Jan 28 18:00:00 PST 2000 + +Bill Fenner +- switch to config.h for autoconf +- unify RCSID strings +- Updated PIMv1, PIMv2, DVMRP, IGMP parsers, add Cisco Auto-RP parser +- Really fix the RIP printer +- Fix MAC address -> name translation. +- some -Wall -Wformat fixes +- update makemib to parse much of SMIv2 +- Print TCP sequence # with -vv even if you normally wouldn't +- Print as much of IP/TCP/UDP headers as possible even if truncated. + +itojun@iijlab.net +- -X will make a ascii dump. from netbsd. +- telnet command sequence decoder (ff xx xx). from netbsd. +- print-bgp.c: improve options printing. ugly code exists for + unaligned option parsing (need some fix). +- const poisoning in SMB decoder. +- -Wall -Werror clean checks. +- bring in KAME IPv6/IPsec decoding code. + +Assar Westerlund +- SNMPv2 and SNMPv3 printer +- If compiled with libsmi, tcpdump can load MIBs on the fly to decode + SNMP packets. +- Incorporate NFS parsing code from NetBSD. Adds support for nfsv3. +- portability fixes +- permit building in different directories. + +Ken Hornstein +- bring in code at + /afs/transarc.com/public/afs-contrib/tools/tcpdump for parsing + AFS3 packets + +Andrew Tridgell +- SMB printing code + +Love +- print-rx.c: add code for printing MakeDir and StoreStatus. Also + change date format to the right one. + +Michael C. Richardson +- Created tcpdump.org repository + +v3.4 Sat Jul 25 12:40:55 PDT 1998 + +- Hardwire Linux slip support since it's too hard to detect. + +- Redo configuration of "network" libraries (-lsocket and -lnsl) to + deal with IRIX. Thanks to John Hawkinson (jhawk@mit.edu) + +- Added -a which tries to translate network and broadcast addresses to + names. Suggested by Rob van Nieuwkerk (robn@verdi.et.tudelft.nl) + +- Added a configure option to disable gcc. + +- Added a "raw" packet printer. + +- Not having an interface address is no longer fatal. Requested by John + Hawkinson. + +- Rework signal setup to accommodate Linux. + +- OSPF truncation check fix. Also display the type of OSPF packets + using MD5 authentication. Thanks to Brian Wellington + (bwelling@tis.com) + +- Fix truncation check bugs in the Kerberos printer. Reported by Ezra + Peisach (epeisach@mit.edu) + +- Don't catch SIGHUP when invoked with nohup(1). Thanks to Dave Plonka + (plonka@mfa.com) + +- Specify full install target as a way of detecting if install + directory does not exist. Thanks to Dave Plonka. + +- Bit-swap FDDI addresses for BSD/OS too. Thanks to Paul Vixie + (paul@vix.com) + +- Fix off-by-one bug when testing size of ethernet packets. Thanks to + Marty Leisner (leisner@sdsp.mc.xerox.com) + +- Add a local autoconf macro to check for routines in libraries; the + autoconf version is broken (it only puts the library name in the + cache variable name). Thanks to John Hawkinson. + +- Add a local autoconf macro to check for types; the autoconf version + is broken (it uses grep instead of actually compiling a code fragment). + +- Modified to support the new BSD/OS 2.1 PPP and SLIP link layer header + formats. + +- Extend OSF ip header workaround to versions 1 and 2. + +- Fix some signed problems in the nfs printer. As reported by David + Sacerdote (davids@silence.secnet.com) + +- Detect group wheel and use it as the default since BSD/OS' install + can't hack numeric groups. Reported by David Sacerdote. + +- AIX needs special loader options. Thanks to Jonathan I. Kamens + (jik@cam.ov.com) + +- Fixed the nfs printer to print port numbers in decimal. Thanks to + Kent Vander Velden (graphix@iastate.edu) + +- Find installed libpcap in /usr/local/lib when not using gcc. + +- Disallow network masks with non-network bits set. + +- Attempt to detect "egcs" versions of gcc. + +- Add missing closing double quotes when displaying bootp strings. + Reported by Viet-Trung Luu (vluu@picard.math.uwaterloo.ca) + +v3.3 Sat Nov 30 20:56:27 PST 1996 + +- Added Linux support. + +- GRE encapsulated packet printer thanks to John Hawkinson + (jhawk@mit.edu) + +- Rewrite gmt2local() to avoid problematic os dependencies. + +- Suppress nfs truncation message on errors. + +- Add missing m4 quoting in AC_LBL_UNALIGNED_ACCESS autoconf macro. + Reported by Joachim Ott (ott@ardala.han.de) + +- Enable "ip_hl vs. ip_vhl" workaround for OSF4 too. + +- Print arp hardware type in host order. Thanks to Onno van der Linden + (onno@simplex.nl) + +- Avoid solaris compiler warnings. Thanks to Bruce Barnett + (barnett@grymoire.crd.ge.com) + +- Fix rip printer to not print one more route than is actually in the + packet. Thanks to Jean-Luc Richier (Jean-Luc.Richier@imag.fr) and + Bill Fenner (fenner@parc.xerox.com) + +- Use autoconf endian detection since BYTE_ORDER isn't defined on all systems. + +- Fix dvmrp printer truncation checks and add a dvmrp probe printer. + Thanks to Danny J. Mitzel (mitzel@ipsilon.com) + +- Rewrite ospf printer to improve truncation checks. + +- Don't parse tcp options past the EOL. As noted by David Sacerdote + (davids@secnet.com). Also, check tcp options to make sure they ar + actually in the tcp header (in addition to the normal truncation + checks). Fix the SACK code to print the N blocks (instead of the + first block N times). + +- Don't say really small UDP packets are truncated just because they + aren't big enough to be a RPC. As noted by David Sacerdote. + +v3.2.1 Sun Jul 14 03:02:26 PDT 1996 + +- Added rfc1716 icmp codes as suggested by Martin Fredriksson + (martin@msp.se) + +- Print mtu for icmp unreach need frag packets. Thanks to John + Hawkinson (jhawk@mit.edu) + +- Decode icmp router discovery messages. Thanks to Jeffrey Honig + (jch@bsdi.com) + +- Added a printer entry for DLT_IEEE802 as suggested by Tak Kushida + (kushida@trl.ibm.co.jp) + +- Check igmp checksum if possible. Thanks to John Hawkinson. + +- Made changes for SINIX. Thanks to Andrej Borsenkow + (borsenkow.msk@sni.de) + +- Use autoconf's idea of the top level directory in install targets. + Thanks to John Hawkinson. + +- Avoid infinite loop in tcp options printing code. Thanks to Jeffrey + Mogul (mogul@pa.dec.com) + +- Avoid using -lsocket in IRIX 5.2 and earlier since it breaks snoop. + Thanks to John Hawkinson. + +- Added some more packet truncation checks. + +- On systems that have it, use sigset() instead of signal() since + signal() has different semantics on these systems. + +- Fixed some more alignment problems on the alpha. + +- Add code to massage unprintable characters in the domain and ipx + printers. Thanks to John Hawkinson. + +- Added explicit netmask support. Thanks to Steve Nuchia + (steve@research.oknet.com) + +- Add "sca" keyword (for DEC cluster services) as suggested by Terry + Kennedy (terry@spcvxa.spc.edu) + +- Add "atalk" keyword as suggested by John Hawkinson. + +- Added an igrp printer. Thanks to Francis Dupont + (francis.dupont@inria.fr) + +- Print IPX net numbers in hex a la Novell Netware. Thanks to Terry + Kennedy (terry@spcvxa.spc.edu) + +- Fixed snmp extended tag field parsing bug. Thanks to Pascal Hennequin + (pascal.hennequin@hugo.int-evry.fr) + +- Added some ETHERTYPEs missing on some systems. + +- Added truncated packet macros and various checks. + +- Fixed endian problems with the DECnet printer. + +- Use $CC when checking gcc version. Thanks to Carl Lindberg + (carl_lindberg@blacksmith.com) + +- Fixes for AIX (although this system is not yet supported). Thanks to + John Hawkinson. + +- Fix bugs in the autoconf misaligned accesses code fragment. + +- Include sys/param.h to get BYTE_ORDER in a few places. Thanks to + Pavlin Ivanov Radoslavov (pavlin@cs.titech.ac.jp) + +v3.2 Sun Jun 23 02:28:10 PDT 1996 + +- Print new icmp unreachable codes as suggested by Martin Fredriksson + (martin@msp.se). Also print code value when unknown for icmp redirect + and time exceeded. + +- Fix an alignment endian bug in getname(). Thanks to John Hawkinson. + +- Define "new" domain record types if not found in arpa/nameserv.h. + Resulted from a suggestion from John Hawkinson (jhawk@mit.edu). Also + fixed an endian bug when printing mx record and added some new record + types. + +- Added RIP V2 support. Thanks to Jeffrey Honig (jch@bsdi.com) + +- Added T/TCP options printing. As suggested by Richard Stevens + (rstevens@noao.edu) + +- Use autoconf to detect architectures that can't handle misaligned + accesses. + +v3.1 Thu Jun 13 20:59:32 PDT 1996 + +- Changed u_int32/int32 to u_int32_t/int32_t to be consistent with bsd + and bind (as suggested by Charles Hannum). + +- Port to GNU autoconf. + +- Add support for printing DVMRP and PIM traffic thanks to + Havard Eidnes (Havard.Eidnes@runit.sintef.no). + +- Fix AppleTalk, IPX and DECnet byte order problems due to wrong endian + define being referenced. Reported by Terry Kennedy. + +- Minor fixes to the man page thanks to Mark Andrews. + +- Endian fixes to RTP and vat packet dumpers, thanks to Bruce Mah + (bmah@cs.berkeley.edu). + +- Added support for new dns types, thanks to Rainer Orth. + +- Fixed tftp_print() to print the block number for ACKs. + +- Document -dd and -ddd. Resulted from a bug report from Charlie Slater + (cslater@imatek.com). + +- Check return status from malloc/calloc/etc. + +- Check return status from pcap_loop() so we can print an error and + exit with a bad status if there were problems. + +- Bail if ip option length is <= 0. Resulted from a bug report from + Darren Reed (darrenr@vitruvius.arbld.unimelb.edu.au). + +- Print out a little more information for sun rpc packets. + +- Add suport for Kerberos 4 thanks to John Hawkinson (jhawk@mit.edu). + +- Fixed the Fix EXTRACT_SHORT() and EXTRACT_LONG() macros (which were + wrong on little endian machines). + +- Fixed alignment bug in ipx_decode(). Thanks to Matt Crawford + (crawdad@fnal.gov). + +- Fix ntp_print() to not print garbage when the stratum is + "unspecified." Thanks to Deus Ex Machina (root@belle.bork.com). + +- Rewrote tcp options printer code to check for truncation. Added + selective acknowledgment case. + +- Fixed an endian bug in the ospf printer. Thanks to Jeffrey C Honig + (jch@bsdi.com) + +- Fix rip printer to handle 4.4 BSD sockaddr struct which only uses one + octet for the sa_family member. Thanks to Yoshitaka Tokugawa + (toku@dit.co.jp) + +- Don't checksum ip header if we don't have all of it. Thanks to John + Hawkinson (jhawk@mit.edu). + +- Print out hostnames if possible in egp printer. Thanks to Jeffrey + Honig (jhc@bsdi.com) + + +v3.1a1 Wed May 3 19:21:11 PDT 1995 + +- Include time.h when SVR4 is defined to avoid problems under Solaris + 2.3. + +- Fix etheraddr_string() in the ETHER_SERVICE to return the saved + strings, not the local buffer. Thanks to Stefan Petri + (petri@ibr.cs.tu-bs.de). + +- Detect when pcap raises the snaplen (e.g. with snit). Print a warning + that the selected value was not used. Thanks to Pascal Hennequin + (Pascal.Hennequin@hugo.int-evry.fr). + +- Add a truncated packet test to print-nfs.c. Thanks to Pascal Hennequin. + +- BYTEORDER -> BYTE_ORDER Thanks to Terry Kennedy (terry@spcvxa.spc.edu). + +v3.0.3 Sun Oct 1 18:35:00 GMT 1995 + +- Although there never was a 3.0.3 release, the linux boys cleverly + "released" one in late 1995. + +v3.0.2 Thu Apr 20 21:28:16 PDT 1995 + +- Change configuration to not use gcc v2 flags with gcc v1. + +- Redo gmt2local() so that it works under BSDI (which seems to return + an empty timezone struct from gettimeofday()). Based on report from + Terry Kennedy (terry@spcvxa.spc.edu). + +- Change configure to recognize IP[0-9]* as "mips" SGI hardware. Based + on report from Mark Andrews (mandrews@alias.com). + +- Don't pass cc flags to gcc. Resulted from a bug report from Rainer + Orth (ro@techfak.uni-bielefeld.de). + +- Fixed printout of connection id for uncompressed tcp slip packets. + Resulted from a bug report from Richard Stevens (rstevens@noao.edu). + +- Hack around deficiency in Ultrix's make. + +- Add ETHERTYPE_TRAIL define which is missing from irix5. + +v3.0.1 Wed Aug 31 22:42:26 PDT 1994 + +- Fix problems with gcc2 vs. malloc() and read() prototypes under SunOS 4. + +v3.0 Mon Jun 20 19:23:27 PDT 1994 + +- Added support for printing tcp option timestamps thanks to + Mark Andrews (mandrews@alias.com). + +- Reorganize protocol dumpers to take const pointers to packets so they + never change the contents (i.e., they used to do endian conversions + in place). Previously, whenever more than one pass was taken over + the packet, the packet contents would be dumped incorrectly (i.e., + the output form -x would be wrong on little endian machines because + the protocol dumpers would modify the data). Thanks to Charles Hannum + (mycroft@gnu.ai.mit.edu) for reporting this problem. + +- Added support for decnet protocol dumping thanks to Jeff Mogul + (mogul@pa.dec.com). + +- Fix bug that caused length of packet to be incorrectly printed + (off by ether header size) for unknown ethernet types thanks + to Greg Miller (gmiller@kayak.mitre.org). + +- Added support for IPX protocol dumping thanks to Brad Parker + (brad@fcr.com). + +- Added check to verify IP header checksum under -v thanks to + Brad Parker (brad@fcr.com). + +- Move packet capture code to new libpcap library (which is + packaged separately). + +- Prototype everything and assume an ansi compiler. + +- print-arp.c: Print hardware ethernet addresses if they're not + what we expect. + +- print-bootp.c: Decode the cmu vendor field. Add RFC1497 tags. + Many helpful suggestions from Gordon Ross (gwr@jericho.mc.com). + +- print-fddi.c: Improvements. Thanks to Jeffrey Mogul + (mogul@pa.dec.com). + +- print-icmp.c: Byte swap netmask before printing. Thanks to + Richard Stevens (rstevens@noao.edu). Print icmp type when unknown. + +- print-ip.c: Print the inner ip datagram of ip-in-ip encapsulated packets. + By default, only the inner packet is dumped, appended with the token + "(encap)". Under -v, both the inner and output packets are dumped + (on the same line). Note that the filter applies to the original packet, + not the encapsulated packet. So if you run tcpdump on a net with an + IP Multicast tunnel, you cannot filter out the datagrams using the + conventional syntax. (You can filter away all the ip-in-ip traffic + with "not ip proto 4".) + +- print-nfs.c: Keep pending rpc's in circular table. Add generic + nfs header and remove os dependences. Thanks to Jeffrey Mogul. + +- print-ospf.c: Improvements. Thanks to Jeffrey Mogul. + +- tcpdump.c: Add -T flag allows interpretation of "vat", "wb", "rpc" + (sunrpc) and rtp packets. Added "inbound" and "outbound" keywords + Add && and || operators + +v2.2.1 Tue Jun 6 17:57:22 PDT 1992 + +- Fix bug with -c flag. + +v2.2 Fri May 22 17:19:41 PDT 1992 + +- savefile.c: Remove hack that shouldn't have been exported. Add + truncate checks. + +- Added the 'icmp' keyword. For example, 'icmp[0] != 8 and icmp[0] != 0' + matches non-echo/reply ICMP packets. + +- Many improvements to filter code optimizer. + +- Added 'multicast' keyword and extended the 'broadcast' keyword can now be + so that protocol qualifications are allowed. For example, "ip broadcast" + and "ether multicast" are valid filters. + +- Added support for monitoring the loopback interface (i.e. 'tcpdump -i lo'). + Jeffrey Honig (jch@MITCHELL.CIT.CORNELL.EDU) contributed the kernel + patches to netinet/if_loop.c. + +- Added support for the Ungermann-Bass Ethernet on IBM/PC-RTs running AOS. + Contact Jeffrey Honig (jch@MITCHELL.CIT.CORNELL.EDU) for the diffs. + +- Added EGP and OSPF printers, thanks to Jeffrey Honig. + +v2.1 Tue Jan 28 11:00:14 PST 1992 + +- Internal release (never publically exported). + +v2.0.1 Sun Jan 26 21:10:10 PDT + +- Various byte ordering fixes. + +- Add truncation checks. + +- inet.c: Support BSD style SIOCGIFCONF. + +- nametoaddr.c: Handle multi addresses for single host. + +- optimize.c: Rewritten. + +- pcap-bpf.c: don't choke when we get ptraced. only set promiscuous + for broadcast nets. + +- print-atal.c: Fix an alignment bug (thanks to + stanonik@nprdc.navy.mil) Add missing printf() argument. + +- print-bootp.c: First attempt at decoding the vendor buffer. + +- print-domain.c: Fix truncation checks. + +- print-icmp.c: Calculate length of packets from the ip header. + +- print-ip.c: Print frag id in decimal (so it's easier to match up + with non-frags). Add support for ospf, egp and igmp. + +- print-nfs.c: Lots of changes. + +- print-ntp.c: Make some verbose output depend on -v. + +- print-snmp.c: New version from John LoVerso. + +- print-tcp.c: Print rfc1072 tcp options. + +- tcpdump.c: Print "0x" prefix for %x formats. Always print 6 digits + (microseconds) worth of precision. Fix uid bugs. + +- A packet dumper has been added (thanks to Jeff Mogul of DECWRL). + With this option, you can create an architecture independent binary + trace file in real time, without the overhead of the packet printer. + At a later time, the packets can be filtered (again) and printed. + +- BSD is supported. You must have BPF in your kernel. + Since the filtering is now done in the kernel, fewer packets are + dropped. In fact, with BPF and the packet dumper option, a measly + Sun 3/50 can keep up with a busy network. + +- Compressed SLIP packets can now be dumped, provided you use our + SLIP software and BPF. These packets are dumped as any other IP + packet; the compressed headers are dumped with the '-e' option. + +- Machines with little-endian byte ordering are supported (thanks to + Jeff Mogul). + +- Ultrix 4.0 is supported (also thanks to Jeff Mogul). + +- IBM RT and Stanford Enetfilter support has been added by + Rayan Zachariassen . Tcpdump has been tested under + both the vanilla Enetfilter interface, and the extended interface + (#ifdef'd by IBMRTPC) present in the MERIT version of the Enetfilter. + +- TFTP packets are now printed (requests only). + +- BOOTP packets are now printed. + +- SNMP packets are now printed. (thanks to John LoVerso of Xylogics). + +- Sparc architectures, including the Sparcstation-1, are now + supported thanks to Steve McCanne and Craig Leres. + +- SunOS 4 is now supported thanks to Micky Liu of Columbia + University (micky@cunixc.cc.columbia.edu). + +- IP options are now printed. + +- RIP packets are now printed. + +- There's a -v flag that prints out more information than the + default (e.g., it will enable printing of IP ttl, tos and id) + and -q flag that prints out less (e.g., it will disable + interpretation of AppleTalk-in-UDP). + +- The grammar has undergone substantial changes (if you have an + earlier version of tcpdump, you should re-read the manual + entry). + + The most useful change is the addition of an expression + syntax that lets you filter on arbitrary fields or values in the + packet. E.g., "ip[0] > 0x45" would print only packets with IP + options, "tcp[13] & 3 != 0" would print only TCP SYN and FIN + packets. + + The most painful change is that concatenation no longer means + "and" -- e.g., you have to say "host foo and port bar" instead + of "host foo port bar". The up side to this down is that + repeated qualifiers can be omitted, making most filter + expressions shorter. E.g., you can now say "ip host foo and + (bar or baz)" to look at ip traffic between hosts foo and bar or + between hosts foo and baz. [The old way of saying this was "ip + host foo and (ip host bar or ip host baz)".] + +v2.0 Sun Jan 13 12:20:40 PST 1991 + +- Initial public release. + +<<<<<<< CHANGES +@(#) $Header: /Users/olsen/Code/cvs2svn-2010/os4-cvs-repository/contrib/roadshow/client-software/tcpdump-3.8.1/CHANGES,v 1.2 2004-09-22 15:40:54 olsen Exp $ (LBL) +======= +@(#) $Header: /Users/olsen/Code/cvs2svn-2010/os4-cvs-repository/contrib/roadshow/client-software/tcpdump-3.8.1/CHANGES,v 1.2 2004-09-22 15:40:54 olsen Exp $ (LBL) +>>>>>>> 1.81.2.1 diff --git a/CREDITS b/CREDITS new file mode 100755 index 0000000..1f1ae6e --- /dev/null +++ b/CREDITS @@ -0,0 +1,118 @@ +This file lists people who have contributed to tcpdump: + +The current maintainers: + Bill Fenner + Fulvio Risso + Guy Harris + Hannes Gredler + Jun-ichiro itojun Hagino + Michael Richardson + +Additional people who have contributed patches: + + Andrew Brown + Alfredo Andres + Andrew Hintz + Andrew Tridgell + Arkadiusz Miskiewicz + Armando L. Caro Jr. + Atsushi Onoe + Ben Smithurst + Brent L. Bates + Brian Ginsbach + Bruce M. Simpson + Carles Kishimoto Bisbe + Charlie Lenahan + Charles M. Hannum + Chris G. Demetriou + Chris Jepeway + Craig Rodrigues + Crist J. Clark + Daniel Hagerty + Darren Reed + David Binderman + David Young + Francisco Matias Cuenca-Acuna + Frank Volf + Fulvio Risso + George Bakos + Gerald Combs + Gert Doering + Greg Stark + Gilbert Ramirez Jr. + Gisle Vanem + Hank Leininger + Harry Raaymakers + Heinz-Ado Arnolds + Hendrik Scholz + Jakob Schlyter + Jan Oravec + Jason R. Thorpe + Jefferson Ogata + Jeffrey Hutzelman + Jesper Peterson + Jim Hutchins + Tatuya Jinmei + Jørgen Thomsen + Julian Cowley + Kaarthik Sivakumar + Kazushi Sugyo + Kelly Carmichael + Ken Hornstein + Kevin Steves + Klaus Klein + Kris Kennaway + Krzysztof Halasa + Larry Lile + Lennert Buytenhek + Loris Degioanni + Love Hörnquist-Åstrand + Maciej W. Rozycki + Marc A. Lehmann + Mark Ellzey Thomas + Marko Kiiskila + Marshall Rose + Martin Husemann + Michael Madore + Michael Shalayeff + Michael T. Stolarchuk + Michele "mydecay" Marchetto + Monroe Williams + Motonori Shindo + Nathan J. Williams + Nathaniel Couper-Noles + Neil T. Spring + Niels Provos + Nickolai Zeldovich + Olaf Kirch + Onno van der Linden + Pascal Hennequin + Pasvorn Boonmark + Paul Mundt + Paul S. Traina + Pavlin Radoslavov + Pekka Savola + Peter Fales + Peter Jeremy + Phil Wood + Rafal Maszkowski + Rick Jones + Rick Watson + Rob Braun + Roderick Schertler + Sami Farin + Scott Rose + Sebastian Krahmer + Seth Webster + Takashi Yamamoto + Terry Kennedy + Timo Koskiahde + Tony Li + Uns Lider + Wilbert de Graaf + Yen Yen Lim + +The original LBL crew: + Steve McCanne + Craig Leres + Van Jacobson diff --git a/FILES b/FILES new file mode 100755 index 0000000..c9e10f1 --- /dev/null +++ b/FILES @@ -0,0 +1,217 @@ +CHANGES +CREDITS +FILES +INSTALL +LICENSE +Makefile.in +README +Readme.Win32 +VERSION +acconfig.h +aclocal.m4 +addrtoname.c +addrtoname.h +ah.h +aodv.h +appletalk.h +arcnet.h +atime.awk +atm.h +atmuni31.h +bootp.h +bpf_dump.c +chdlc.h +config.guess +config.h.in +config.sub +configure +configure.in +decnet.h +enc.h +esp.h +ether.h +ethertype.h +extract.h +fddi.h +gmpls.c +gmpls.h +gmt2local.c +gmt2local.h +icmp6.h +ieee802_11.h +igrp.h +install-sh +interface.h +ip.h +ip6.h +ipfc.h +ipproto.h +ipsec_doi.h +ipx.h +isakmp.h +l2tp.h +lane.h +lbl/os-osf4.h +lbl/os-solaris2.h +lbl/os-sunos4.h +lbl/os-ultrix4.h +llc.h +machdep.c +machdep.h +makemib +mib.h +missing/addrinfo.h +missing/addrsize.h +missing/bittypes.h +missing/dlnames.c +missing/datalinks.c +missing/getaddrinfo.c +missing/getnameinfo.c +missing/inet_aton.c +missing/inet_ntop.c +missing/inet_pton.c +missing/resolv6.h +missing/resolv_ext.h +missing/snprintf.c +missing/sockstorage.h +missing/strdup.c +missing/strlcat.c +missing/strlcpy.c +missing/strsep.c +mkdep +nameser.h +netbios.h +nfs.h +nfsfh.h +ntp.h +oakley.h +ospf.h +ospf6.h +packetdat.awk +parsenfsfh.c +pcap-missing.h +ppp.h +print-802_11.c +print-ah.c +print-aodv.c +print-arcnet.c +print-arp.c +print-ascii.c +print-atalk.c +print-atm.c +print-beep.c +print-bfd.c +print-bgp.c +print-bootp.c +print-cdp.c +print-chdlc.c +print-cip.c +print-cnfp.c +print-decnet.c +print-dhcp6.c +print-domain.c +print-dvmrp.c +print-egp.c +print-enc.c +print-esp.c +print-ether.c +print-fddi.c +print-fr.c +print-frag6.c +print-gre.c +print-hsrp.c +print-icmp.c +print-icmp6.c +print-igmp.c +print-igrp.c +print-ip.c +print-ip6.c +print-ip6opts.c +print-ipcomp.c +print-ipfc.c +print-ipx.c +print-isakmp.c +print-isoclns.c +print-krb.c +print-l2tp.c +print-lane.c +print-ldp.c +print-llc.c +print-lwres.c +print-mobile.c +print-mobility.c +print-mpls.c +print-msdp.c +print-netbios.c +print-nfs.c +print-ntp.c +print-null.c +print-ospf.c +print-ospf6.c +print-pflog.c +print-pim.c +print-ppp.c +print-pppoe.c +print-pptp.c +print-radius.c +print-raw.c +print-rip.c +print-ripng.c +print-rsvp.c +print-rt6.c +print-rx.c +print-sctp.c +print-sl.c +print-sll.c +print-smb.c +print-snmp.c +print-stp.c +print-sunatm.c +print-sunrpc.c +print-tcp.c +print-telnet.c +print-tftp.c +print-timed.c +print-token.c +print-udp.c +print-vjc.c +print-vrrp.c +print-wb.c +print-zephyr.c +route6d.h +rx.h +sctpConstants.h +sctpHeader.h +send-ack.awk +setsignal.c +setsignal.h +slcompress.h +slip.h +sll.h +smb.h +smbutil.c +stime.awk +strcasecmp.c +tcp.h +tcpdump.1 +tcpdump.c +tcpdump-stdinc.h +telnet.h +timed.h +token.h +udp.h +util.c +vfprintf.c +win32/Include/Arpa/tftp.h +win32/Include/errno.h +win32/Include/getopt.h +win32/Include/inetprivate.h +win32/Include/telnet.h +win32/Include/w32_fzs.h +win32/Include/Netinet/in_systm.h +win32/Include/Netinet/ip.h +win32/Include/Rpc/rpc.h +win32/Src/getopt.c +win32/prj/GNUmakefile +win32/prj/WinDump.dsp +win32/prj/WinDump.dsw diff --git a/GNUmakefile.68k b/GNUmakefile.68k new file mode 100755 index 0000000..750717d --- /dev/null +++ b/GNUmakefile.68k @@ -0,0 +1,201 @@ +# Generated automatically from Makefile.in by configure. +# Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997 +# The Regents of the University of California. All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that: (1) source code distributions +# retain the above copyright notice and this paragraph in its entirety, (2) +# distributions including binary code include the above copyright notice and +# this paragraph in its entirety in the documentation or other materials +# provided with the distribution, and (3) all advertising materials mentioning +# features or use of this software display the following acknowledgement: +# ``This product includes software developed by the University of California, +# Lawrence Berkeley Laboratory and its contributors.'' Neither the name of +# the University nor the names of its contributors may be used to endorse +# or promote products derived from this software without specific prior +# written permission. +# THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. +# +# @(#) $Header: /Users/olsen/Code/cvs2svn-2010/os4-cvs-repository/contrib/roadshow/client-software/tcpdump-3.8.1/GNUmakefile.68k,v 1.2 2010-08-27 10:15:21 obarthel Exp $ (LBL) + +# +# Various configurable paths (remember to edit Makefile.in, not Makefile) +# + +# Top level hierarchy +prefix = /usr/local +exec_prefix = ${prefix} +# Pathname of directory to install the binary +sbindir = ${exec_prefix}/sbin +# Pathname of directory to install the man page +mandir = ${prefix}/man + +# VPATH +srcdir = . + +# +# You shouldn't need to edit anything below here. +# + +CC = gcc +PROG = tcpdump +CCOPT = -O -fomit-frame-pointer -fstrength-reduce -finline-functions -fno-builtin +#CCOPT = -m68020-60 -O -fomit-frame-pointer -fstrength-reduce -finline-functions -fno-builtin +#CCOPT = -O2 -fomit-frame-pointer -fstrength-reduce -finline-functions -fno-builtin +INCLS = -I../libpcap-0.8.1 -I../../rpcsrc-4.0 -I. -I../../include-sdk -Imissing +#DEFS = -DAMIGA_NO_RPC -D__USE_NETINET_IN_H -DHAVE_CONFIG_H -D_U_=__attribute__((unused)) +DEFS = -D__USE_NETINET_IN_H -DHAVE_CONFIG_H -D_U_=__attribute__((unused)) + +# Standard CFLAGS +CFLAGS = $(CCOPT) $(DEFS) $(INCLS) + +# Standard LDFLAGS +LDFLAGS = + +# Standard LIBS +LIBS = -L../libpcap-0.8.1 -lpcap -lunix -lm -lnet + +INSTALL = /bin/install -c +INSTALL_PROGRAM = ${INSTALL} +INSTALL_DATA = ${INSTALL} -m 644 + +# Explicitly define compilation rule since SunOS 4's make doesn't like gcc. +# Also, gcc does not remove the .o before forking 'as', which can be a +# problem if you don't own the file but can write to the directory. +.c.o: +# @rm -f $@ + $(CC) $(CFLAGS) -c $*.c + +CSRC = addrtoname.c gmpls.c gmt2local.c machdep.c parsenfsfh.c \ + print-802_11.c print-ah.c print-arcnet.c print-aodv.c \ + print-arp.c print-ascii.c print-atalk.c print-atm.c \ + print-beep.c print-bfd.c print-bgp.c print-bootp.c print-cdp.c \ + print-chdlc.c print-cip.c print-cnfp.c print-decnet.c \ + print-domain.c print-dvmrp.c print-enc.c print-egp.c \ + print-esp.c print-ether.c print-fddi.c print-fr.c \ + print-gre.c print-hsrp.c print-icmp.c print-igmp.c \ + print-igrp.c print-ip.c print-ipcomp.c print-ipfc.c \ + print-ipx.c print-isakmp.c print-isoclns.c print-krb.c \ + print-l2tp.c print-lane.c print-ldp.c print-llc.c \ + print-lwres.c print-mobile.c print-mpls.c print-msdp.c \ + print-nfs.c print-ntp.c print-null.c print-ospf.c \ + print-pflog.c print-pim.c print-ppp.c print-pppoe.c \ + print-pptp.c print-radius.c print-raw.c print-rip.c \ + print-rsvp.c print-rx.c print-sctp.c print-sl.c print-sll.c \ + print-snmp.c print-stp.c print-sunatm.c print-sunrpc.c \ + print-tcp.c print-telnet.c print-tftp.c print-timed.c \ + print-token.c print-udp.c print-vjc.c print-vrrp.c \ + print-wb.c print-zephyr.c setsignal.c tcpdump.c util.c + +LOCALSRC = print-smb.c smbutil.c +GENSRC = version.c +LIBOBJS = strlcat.o strlcpy.o strsep.o inet_ntop.o inet_pton.o inet_aton.o getrpcent.o + +SRC = $(CSRC) $(GENSRC) $(LOCALSRC) + +# We would like to say "OBJ = $(SRC:.c=.o)" but Ultrix's make cannot +# hack the extra indirection +OBJ = $(CSRC:.c=.o) $(GENSRC:.c=.o) $(LOCALSRC:.c=.o) $(LIBOBJS) +HDR = addrtoname.h appletalk.h bootp.h decnet.h \ + ethertype.h extract.h fddi.h gmt2local.h igrp.h interface.h \ + ipx.h llc.h machdep.h mib.h nfsfh.h nfsv2.h ntp.h ospf.h \ + setsignal.h \ + gnuc.h ipsec_doi.h isakmp.h l2tp.h nameser.h \ + netbios.h oakley.h ospf6.h ppp.h route6d.h + +TAGHDR = \ + /usr/include/arpa/tftp.h \ + /usr/include/net/if_arp.h \ + /usr/include/net/slip.h \ + /usr/include/netinet/if_ether.h \ + /usr/include/netinet/in.h \ + /usr/include/netinet/ip_icmp.h \ + /usr/include/netinet/tcp.h \ + /usr/include/netinet/udp.h \ + /usr/include/protocols/routed.h + +TAGFILES = $(SRC) $(HDR) $(TAGHDR) + +CLEANFILES = $(PROG) $(OBJ) $(GENSRC) + +all: $(PROG) + +$(PROG): $(OBJ) + @rm -f $@ + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(OBJ) $(LIBS) -s -Wl,--cref,-M,-Map=$@.map + +datalinks.o: missing/datalinks.c + $(CC) $(CFLAGS) -o $@ -c missing/datalinks.c +dlnames.o: missing/dlnames.c + $(CC) $(CFLAGS) -o $@ -c missing/dlnames.c +getnameinfo.o: missing/getnameinfo.c + $(CC) $(CFLAGS) -o $@ -c missing/getnameinfo.c +getaddrinfo.o: missing/getaddrinfo.c + $(CC) $(CFLAGS) -o $@ -c missing/getaddrinfo.c +inet_pton.o: missing/inet_pton.c + $(CC) $(CFLAGS) -o $@ -c missing/inet_pton.c +inet_ntop.o: missing/inet_ntop.c + $(CC) $(CFLAGS) -o $@ -c missing/inet_ntop.c +inet_aton.o: missing/inet_aton.c + $(CC) $(CFLAGS) -o $@ -c missing/inet_aton.c +snprintf.o: missing/snprintf.c + $(CC) $(CFLAGS) -o $@ -c missing/snprintf.c +strlcat.o: missing/strlcat.c + $(CC) $(CFLAGS) -o $@ -c missing/strlcat.c +strlcpy.o: missing/strlcpy.c + $(CC) $(CFLAGS) -o $@ -c missing/strlcpy.c +strsep.o: missing/strsep.c + $(CC) $(CFLAGS) -o $@ -c missing/strsep.c + +version.o: version.c + $(CC) $(CFLAGS) -c version.c + +#version.c: VERSION +# @rm -f $@ +# sed -e 's/.*/char version[] = "&";/' VERSION > $@ + +install: + [ -d $(DESTDIR)$(sbindir) ] || \ + (mkdir -p $(DESTDIR)$(sbindir); chmod 755 $(DESTDIR)$(sbindir)) + $(INSTALL_PROGRAM) $(PROG) $(DESTDIR)$(sbindir)/$(PROG) + [ -d $(DESTDIR)$(mandir)/man1 ] || \ + (mkdir -p $(DESTDIR)$(mandir)/man1; chmod 755 $(DESTDIR)$(mandir)/man1) + $(INSTALL_DATA) $(PROG).1 $(DESTDIR)$(mandir)/man1/$(PROG).1 + +uninstall: + rm -f $(DESTDIR)$(sbindir)/$(PROG) + rm -f $(DESTDIR)$(mandir)/man1/$(PROG).1 + +lint: $(GENSRC) + lint -hbxn $(SRC) | \ + grep -v 'struct/union .* never defined' | \ + grep -v 'possible pointer alignment problem' + +clean: + rm -f $(CLEANFILES) + +distclean: + rm -f $(CLEANFILES) Makefile config.cache config.log config.status \ + config.h gnuc.h os-proto.h stamp-h stamp-h.in + +tags: $(TAGFILES) + ctags -wtd $(TAGFILES) + +tar: + @cwd=`pwd` ; dir=`basename $$cwd` ; name=$(PROG)-`cat VERSION` ; \ + list="" ; tar="tar chf" ; \ + for i in `cat FILES` ; do list="$$list $$name/$$i" ; done; \ + echo \ + "rm -f ../$$name; ln -s $$dir ../$$name" ; \ + rm -f ../$$name; ln -s $$dir ../$$name ; \ + echo \ + "(cd .. ; $$tar - [lots of files]) | compress > /tmp/$$name.tar.Z" ; \ + (cd .. ; $$tar - $$list) | compress > /tmp/$$name.tar.Z ; \ + echo \ + "rm -f ../$$name" ; \ + rm -f ../$$name + +depend: $(GENSRC) + ${srcdir}/mkdep -c $(CC) $(DEFS) $(INCLS) $(SRC) diff --git a/GNUmakefile.os4 b/GNUmakefile.os4 new file mode 100755 index 0000000..b6c7000 --- /dev/null +++ b/GNUmakefile.os4 @@ -0,0 +1,207 @@ +# Generated automatically from Makefile.in by configure. +# Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997 +# The Regents of the University of California. All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that: (1) source code distributions +# retain the above copyright notice and this paragraph in its entirety, (2) +# distributions including binary code include the above copyright notice and +# this paragraph in its entirety in the documentation or other materials +# provided with the distribution, and (3) all advertising materials mentioning +# features or use of this software display the following acknowledgement: +# ``This product includes software developed by the University of California, +# Lawrence Berkeley Laboratory and its contributors.'' Neither the name of +# the University nor the names of its contributors may be used to endorse +# or promote products derived from this software without specific prior +# written permission. +# THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. +# +# @(#) $Header: /Users/olsen/Code/cvs2svn-2010/os4-cvs-repository/contrib/roadshow/client-software/tcpdump-3.8.1/GNUmakefile.os4,v 1.2 2008-11-06 11:07:41 obarthel Exp $ (LBL) + +# +# Various configurable paths (remember to edit Makefile.in, not Makefile) +# + +# Top level hierarchy +prefix = /usr/local +exec_prefix = ${prefix} +# Pathname of directory to install the binary +sbindir = ${exec_prefix}/sbin +# Pathname of directory to install the man page +mandir = ${prefix}/man + +# VPATH +srcdir = . + +# +# You shouldn't need to edit anything below here. +# + +PROG = tcpdump +CC = ppc-amigaos-gcc + +WARNINGS = \ + -Wall -W -Wshadow -Wpointer-arith -Wsign-compare -Wmissing-prototypes \ + -Wundef -Wbad-function-cast -Wmissing-declarations -Wconversion + +OPTIMIZE = -O -fomit-frame-pointer -fstrength-reduce -finline-functions + +CCOPT = -D__USE_INLINE__ -mcrt=clib2 $(OPTIMIZE) $(WARNINGS) -I/V/include -I../../include-sdk -I. -fno-builtin -D__NO_NET_API -DNDEBUG +INCLS = -I../libpcap-0.8.1 -I../../rpcsrc-4.0 -I. -I../../include-sdk -Imissing +DEFS = -DHAVE_CONFIG_H -D_U_=__attribute__\(\(unused\)\) + +# Standard CFLAGS +CFLAGS = $(CCOPT) $(DEFS) $(INCLS) + +# Standard LDFLAGS +LDFLAGS = + +# Standard LIBS +LIBS = -L../libpcap-0.8.1 -lpcap -lunix -lm -lnet + +INSTALL = /bin/install -c +INSTALL_PROGRAM = ${INSTALL} +INSTALL_DATA = ${INSTALL} -m 644 + +# Explicitly define compilation rule since SunOS 4's make doesn't like gcc. +# Also, gcc does not remove the .o before forking 'as', which can be a +# problem if you don't own the file but can write to the directory. +.c.o: +# @rm -f $@ + $(CC) $(CFLAGS) -c $*.c + +CSRC = addrtoname.c gmpls.c gmt2local.c machdep.c parsenfsfh.c \ + print-802_11.c print-ah.c print-arcnet.c print-aodv.c \ + print-arp.c print-ascii.c print-atalk.c print-atm.c \ + print-beep.c print-bfd.c print-bgp.c print-bootp.c print-cdp.c \ + print-chdlc.c print-cip.c print-cnfp.c print-decnet.c \ + print-domain.c print-dvmrp.c print-enc.c print-egp.c \ + print-esp.c print-ether.c print-fddi.c print-fr.c \ + print-gre.c print-hsrp.c print-icmp.c print-igmp.c \ + print-igrp.c print-ip.c print-ipcomp.c print-ipfc.c \ + print-ipx.c print-isakmp.c print-isoclns.c print-krb.c \ + print-l2tp.c print-lane.c print-ldp.c print-llc.c \ + print-lwres.c print-mobile.c print-mpls.c print-msdp.c \ + print-nfs.c print-ntp.c print-null.c print-ospf.c \ + print-pflog.c print-pim.c print-ppp.c print-pppoe.c \ + print-pptp.c print-radius.c print-raw.c print-rip.c \ + print-rsvp.c print-rx.c print-sctp.c print-sl.c print-sll.c \ + print-snmp.c print-stp.c print-sunatm.c print-sunrpc.c \ + print-tcp.c print-telnet.c print-tftp.c print-timed.c \ + print-token.c print-udp.c print-vjc.c print-vrrp.c \ + print-wb.c print-zephyr.c setsignal.c tcpdump.c util.c + +LOCALSRC = print-smb.c smbutil.c +GENSRC = version.c +LIBOBJS = strlcat.o strlcpy.o strsep.o inet_ntop.o inet_pton.o inet_aton.o getrpcent.o + +SRC = $(CSRC) $(GENSRC) $(LOCALSRC) + +# We would like to say "OBJ = $(SRC:.c=.o)" but Ultrix's make cannot +# hack the extra indirection +OBJ = $(CSRC:.c=.o) $(GENSRC:.c=.o) $(LOCALSRC:.c=.o) $(LIBOBJS) +HDR = addrtoname.h appletalk.h bootp.h decnet.h \ + ethertype.h extract.h fddi.h gmt2local.h igrp.h interface.h \ + ipx.h llc.h machdep.h mib.h nfsfh.h nfsv2.h ntp.h ospf.h \ + setsignal.h \ + gnuc.h ipsec_doi.h isakmp.h l2tp.h nameser.h \ + netbios.h oakley.h ospf6.h ppp.h route6d.h + +TAGHDR = \ + /usr/include/arpa/tftp.h \ + /usr/include/net/if_arp.h \ + /usr/include/net/slip.h \ + /usr/include/netinet/if_ether.h \ + /usr/include/netinet/in.h \ + /usr/include/netinet/ip_icmp.h \ + /usr/include/netinet/tcp.h \ + /usr/include/netinet/udp.h \ + /usr/include/protocols/routed.h + +TAGFILES = $(SRC) $(HDR) $(TAGHDR) + +#CLEANFILES = $(PROG) $(OBJ) $(GENSRC) +CLEANFILES = $(PROG) $(OBJ) + +all: $(PROG) + +$(PROG): $(OBJ) + @rm -f $@ + $(CC) $(CFLAGS) $(LDFLAGS) -o $@.debug $(OBJ) $(LIBS) -Wl,--cref,-M,-Map=$@.map + @ppc-amigaos-strip -R.comment -o $@ $@.debug + +datalinks.o: missing/datalinks.c + $(CC) $(CFLAGS) -o $@ -c missing/datalinks.c +dlnames.o: missing/dlnames.c + $(CC) $(CFLAGS) -o $@ -c missing/dlnames.c +getnameinfo.o: missing/getnameinfo.c + $(CC) $(CFLAGS) -o $@ -c missing/getnameinfo.c +getaddrinfo.o: missing/getaddrinfo.c + $(CC) $(CFLAGS) -o $@ -c missing/getaddrinfo.c +inet_pton.o: missing/inet_pton.c + $(CC) $(CFLAGS) -o $@ -c missing/inet_pton.c +inet_ntop.o: missing/inet_ntop.c + $(CC) $(CFLAGS) -o $@ -c missing/inet_ntop.c +inet_aton.o: missing/inet_aton.c + $(CC) $(CFLAGS) -o $@ -c missing/inet_aton.c +snprintf.o: missing/snprintf.c + $(CC) $(CFLAGS) -o $@ -c missing/snprintf.c +strlcat.o: missing/strlcat.c + $(CC) $(CFLAGS) -o $@ -c missing/strlcat.c +strlcpy.o: missing/strlcpy.c + $(CC) $(CFLAGS) -o $@ -c missing/strlcpy.c +strsep.o: missing/strsep.c + $(CC) $(CFLAGS) -o $@ -c missing/strsep.c + +version.o: version.c + $(CC) $(CFLAGS) -c version.c + +#version.c: VERSION +# @rm -f $@ +# sed -e 's/.*/char version[] = "&";/' VERSION > $@ + +install: + [ -d $(DESTDIR)$(sbindir) ] || \ + (mkdir -p $(DESTDIR)$(sbindir); chmod 755 $(DESTDIR)$(sbindir)) + $(INSTALL_PROGRAM) $(PROG) $(DESTDIR)$(sbindir)/$(PROG) + [ -d $(DESTDIR)$(mandir)/man1 ] || \ + (mkdir -p $(DESTDIR)$(mandir)/man1; chmod 755 $(DESTDIR)$(mandir)/man1) + $(INSTALL_DATA) $(PROG).1 $(DESTDIR)$(mandir)/man1/$(PROG).1 + +uninstall: + rm -f $(DESTDIR)$(sbindir)/$(PROG) + rm -f $(DESTDIR)$(mandir)/man1/$(PROG).1 + +lint: $(GENSRC) + lint -hbxn $(SRC) | \ + grep -v 'struct/union .* never defined' | \ + grep -v 'possible pointer alignment problem' + +clean: + rm -f $(CLEANFILES) + +distclean: + rm -f $(CLEANFILES) Makefile config.cache config.log config.status \ + config.h gnuc.h os-proto.h stamp-h stamp-h.in + +tags: $(TAGFILES) + ctags -wtd $(TAGFILES) + +tar: + @cwd=`pwd` ; dir=`basename $$cwd` ; name=$(PROG)-`cat VERSION` ; \ + list="" ; tar="tar chf" ; \ + for i in `cat FILES` ; do list="$$list $$name/$$i" ; done; \ + echo \ + "rm -f ../$$name; ln -s $$dir ../$$name" ; \ + rm -f ../$$name; ln -s $$dir ../$$name ; \ + echo \ + "(cd .. ; $$tar - [lots of files]) | compress > /tmp/$$name.tar.Z" ; \ + (cd .. ; $$tar - $$list) | compress > /tmp/$$name.tar.Z ; \ + echo \ + "rm -f ../$$name" ; \ + rm -f ../$$name + +depend: $(GENSRC) + ${srcdir}/mkdep -c $(CC) $(DEFS) $(INCLS) $(SRC) diff --git a/INSTALL b/INSTALL new file mode 100755 index 0000000..2bb2a9d --- /dev/null +++ b/INSTALL @@ -0,0 +1,223 @@ +@(#) $Header: /Users/olsen/Code/cvs2svn-2010/os4-cvs-repository/contrib/roadshow/client-software/tcpdump-3.8.1/INSTALL,v 1.2 2004-09-22 15:40:54 olsen Exp $ (LBL) + +If you have not built libpcap, do so first. See the README +file in this directory for the ftp location. + +You will need an ANSI C compiler to build tcpdump. The configure script +will abort if your compiler is not ANSI compliant. If this happens, use +the GNU C compiler, available via anonymous ftp: + + ftp://ftp.gnu.org/pub/gnu/gcc/ + +After libpcap has been built (either install it with "make install" or +make sure both the libpcap and tcpdump source trees are in the same +directory), run ./configure (a shell script). "configure" will +determine your system attributes and generate an appropriate Makefile +from Makefile.in. Now build tcpdump by running "make". + +If everything builds ok, su and type "make install". This will install +tcpdump and the manual entry. By default, tcpdump is installed with +group execute permissions. The group used depends on your os. In +addition, BPF packet access is controlled by permissions to +/dev/bpf0. In any case, DO NOT give untrusted users the capability of +running tcpdump. Tcpdump can capture any traffic on your net, +including passwords. + +Note that most systems ship tcpdump, but usually an older version. +Remember to remove or rename the installed binary when upgrading. + +If you use Linux, this version of libpcap is known to compile and run +with 2.0.25 and more modern, and 2.2 and later, kernels. It is +guaranteed not to work with 1.X kernels. + +If your system is not one which we have tested tcpdump on, you may have +to modify the configure script and Makefile.in. Please send us patches +for any modifications you need to make. + +Please see "PLATFORMS" for notes about tested platforms. + + +FILES +----- +CHANGES - description of differences between releases +CREDITS - people that have helped tcpdump along +FILES - list of files exported as part of the distribution +INSTALL - this file +LICENSE - the license under which tcpdump is distributed +Makefile.in - compilation rules (input to the configure script) +README - description of distribution +Readme.Win32 - notes on building tcpdump on Win32 systems (with WinPcap) +VERSION - version of this release +acconfig.h - autoconf input +aclocal.m4 - autoconf macros +addrtoname.c - address to hostname routines +addrtoname.h - address to hostname definitions +ah.h - IPSEC Authentication Header definitions +aodv.h - AODV definitions +appletalk.h - AppleTalk definitions +arcnet.h - ARCNET definitions +atime.awk - TCP ack awk script +atm.h - ATM traffic type definitions +atmuni31.h - ATM Q.2931 definitions +bootp.h - BOOTP definitions +bpf_dump.c - BPF program printing routines, in case libpcap doesn't + have them +chdlc.h - Cisco HDLC definitions +config.guess - autoconf support +config.h.in - autoconf input +config.sub - autoconf support +configure - configure script (run this first) +configure.in - configure script source +decnet.h - DECnet definitions +enc.h - OpenBSD IPsec encapsulation BPF layer definitions +esp.h - IPSEC Encapsulating Security Payload definitions +ether.h - Ethernet definitions +ethertype.h - Ethernet type value definitions +extract.h - alignment definitions +fddi.h - Fiber Distributed Data Interface definitions +gmpls.c - GMPLS definitions +gmpls.h - GMPLS declarations +gmt2local.c - time conversion routines +gmt2local.h - time conversion prototypes +icmp6.h - ICMPv6 definitiions +ieee802_11.h - IEEE 802.11 definitions +igrp.h - Interior Gateway Routing Protocol definitions +install-sh - BSD style install script +interface.h - globals, prototypes and definitions +ip.h - IP definitions +ip6.h - IPv6 definitions +ipfc.h - IP-over-Fibre Channel definitions +ipproto.h - IP protocol type value definitions +ipsec_doi.h - ISAKMP packet definitions - RFC2407 +ipx.h - IPX definitions +isakmp.h - ISAKMP packet definitions - RFC2408 +l2tp.h - Layer Two Tunneling Protocol definitions +lane.h - ATM LANE definitions +lbl/os-*.h - OS-dependent defines and prototypes +llc.h - LLC definitions +machdep.c - machine dependent routines +machdep.h - machine dependent definitions +makemib - mib to header script +mib.h - mib definitions +missing/* - replacements for missing library functions +mkdep - construct Makefile dependency list +nameser.h - DNS definitions +netbios.h - NETBIOS definitions +nfs.h - Network File System V2 definitions +nfsfh.h - Network File System file handle definitions +ntp.h - Network Time Protocol definitions +oakley.h - ISAKMP packet definitions - RFC2409 +ospf.h - Open Shortest Path First definitions +ospf6.h - IPv6 Open Shortest Path First definitions +packetdat.awk - TCP chunk summary awk script +parsenfsfh.c - Network File System file parser routines +pcap-missing.h - declarations of functions possibly missing from libpcap +ppp.h - Point to Point Protocol definitions +print-802_11.c - IEEE 802.11 printer routines +print-ah.c - IPSEC Authentication Header printer routines +print-aodv.c - AODV printer routines +print-arcnet.c - ARCNET printer routines +print-arp.c - Address Resolution Protocol printer routines +print-ascii.c - ASCII packet dump routines +print-atalk.c - AppleTalk printer routines +print-atm.c - ATM printer routines +print-bgp.c - Border Gateway Protocol printer routines +print-bootp.c - BOOTP and IPv4 DHCP printer routines +print-beep.c - BEEP printer routines +print-cdp.c - Cisco Discovery Protocol printer routines +print-chdlc.c - Cisco HDLC printer routines +print-cip.c - Classical-IP over ATM routines +print-cnfp.c - Cisco NetFlow printer routines +print-decnet.c - DECnet printer routines +print-dhcp6.c - IPv6 DHCP printer routines +print-domain.c - Domain Name System printer routines +print-dvmrp.c - Distance Vector Multicast Routing Protocol printer routines +print-enc.c - OpenBSD IPsec encapsulation BPF layer printer routines +print-egp.c - External Gateway Protocol printer routines +print-esp.c - IPSEC Encapsulating Security Payload printer routines +print-ether.c - Ethernet printer routines +print-fddi.c - Fiber Distributed Data Interface printer routines +print-fr.c - Frame Relay printer routines +print-frag6.c - IPv6 fragmentation header printer routines +print-gre.c - Generic Routing Encapsulation printer routines +print-hsrp.c - Cisco Hot Standby Router Protocol printer routines +print-icmp.c - Internet Control Message Protocol printer routines +print-icmp6.c - IPv6 Internet Control Message Protocol printer routines +print-igmp.c - Internet Group Management Protocol printer routines +print-igrp.c - Interior Gateway Routing Protocol printer routines +print-ip.c - IP printer routines +print-ip6.c - IPv6 printer routines +print-ip6opts.c - IPv6 header option printer routines +print-ipcomp.c - IP Payload Compression Protocol printer routines +print-ipx.c - IPX printer routines +print-isakmp.c - Internet Security Association and Key Management Protocol +print-isoclns.c - ISO CLNS, ESIS, and ISIS printer routines +print-krb.c - Kerberos printer routines +print-l2tp.c - Layer Two Tunneling Protocol printer routines +print-lane.c - ATM LANE printer routines +print-llc.c - IEEE 802.2 LLC printer routines +print-lwres.c - Lightweight Resolver protocol printer routines +print-mobile.c - IPv4 mobility printer routines +print-mobility.c - IPv6 mobility printer routines +print-mpls.c - Multi-Protocol Label Switching printer routines +print-msdp.c - Multicast Source Discovery Protocol printer routines +print-netbios.c - NetBIOS frame protocol printer routines +print-nfs.c - Network File System printer routines +print-ntp.c - Network Time Protocol printer routines +print-null.c - BSD loopback device printer routines +print-ospf.c - Open Shortest Path First printer routines +print-ospf6.c - IPv6 Open Shortest Path First printer routines +print-pflog.c - OpenBSD packet filter log file printer routines +print-pim.c - Protocol Independent Multicast printer routines +print-ppp.c - Point to Point Protocol printer routines +print-pppoe.c - PPP-over-Ethernet printer routines +print-pptp.c - Point-to-Point Tunnelling Protocol printer routines +print-radius.c - Radius protocol printer routines +print-raw.c - Raw IP printer routines +print-rip.c - Routing Information Protocol printer routines +print-ripng.c - IPv6 Routing Information Protocol printer routines +print-rsvp.c - Resource reSerVation Protocol (RSVP) printer routines +print-rt6.c - IPv6 routing header printer routines +print-rx.c - AFS RX printer routines +print-sctp.c - Stream Control Transmission Protocol printer routines +print-sl.c - Compressed Serial Line Internet Protocol printer routines +print-sll.c - Linux "cooked" capture printer routines +print-smb.c - SMB/CIFS printer routines +print-snmp.c - Simple Network Management Protocol printer routines +print-stp.c - IEEE 802.1d spanning tree protocol printer routines +print-sunatm.c - SunATM DLPI capture printer routines +print-sunrpc.c - Sun Remote Procedure Call printer routines +print-tcp.c - TCP printer routines +print-telnet.c - Telnet option printer routines +print-tftp.c - Trivial File Transfer Protocol printer routines +print-timed.c - BSD time daemon protocol printer routines +print-token.c - Token Ring printer routines +print-udp.c - UDP printer routines +print-vjc.c - PPP Van Jacobson compression (RFC1144) printer routines +print-vrrp.c - Virtual Router Redundancy Protocol +print-wb.c - White Board printer routines +print-zephyr.c - Zephyr printer routines +route6d.h - packet definition for IPv6 Routing Information Protocol +rx.h - AFS RX definitions +sctpConstants.h - Stream Control Transmission Protocol constant definitions +sctpHeader.h - Stream Control Transmission Protocol packet definitions +send-ack.awk - unidirectional tcp send/ack awk script +setsignal.c - OS-independent signal routines +setsignal.h - OS-independent signal prototypes +slcompress.h - SLIP/PPP Van Jacobson compression (RFC1144) definitions +slip.h - SLIP definitions +sll.h - Linux "cooked" capture definitions +smb.h - SMB/CIFS definitions +smbutil.c - SMB/CIFS utility routines +stime.awk - TCP send awk script +strcasecmp.c - missing routine +tcp.h - TCP definitions +tcpdump.1 - manual entry +tcpdump.c - main program +telnet.h - Telnet definitions +timed.h - BSD time daemon protocol definitions +token.h - Token Ring definitions +udp.h - UDP definitions +util.c - utility routines +vfprintf.c - emulation routine +win32 - headers and routines for building on Win32 systems diff --git a/LICENSE b/LICENSE new file mode 100755 index 0000000..dea5f7d --- /dev/null +++ b/LICENSE @@ -0,0 +1,19 @@ +License: BSD + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: + + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + 3. The names of the authors may not be used to endorse or promote + products derived from this software without specific prior + written permission. + +THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR +IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. diff --git a/Makefile-devel-adds b/Makefile-devel-adds new file mode 100755 index 0000000..512a119 --- /dev/null +++ b/Makefile-devel-adds @@ -0,0 +1,22 @@ +# +# Auto-regenerate configure script or Makefile when things change. +# From autoconf.info . Works best with GNU Make. +# +${srcdir}/configure: configure.in + cd ${srcdir} && autoconf + +# autoheader might not change config.h.in, so touch a stamp file. +${srcdir}/config.h.in: ${srcdir}/stamp-h.in +${srcdir}/stamp-h.in: configure.in acconfig.h + cd ${srcdir} && autoheader + echo timestamp > ${srcdir}/stamp-h.in + +config.h: stamp-h +stamp-h: ${srcdir}/config.h.in config.status + ./config.status + +Makefile: Makefile.in config.status + ./config.status + +config.status: ${srcdir}/configure + ./config.status --recheck diff --git a/Makefile.in b/Makefile.in new file mode 100755 index 0000000..1aaf463 --- /dev/null +++ b/Makefile.in @@ -0,0 +1,198 @@ +# Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997 +# The Regents of the University of California. All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that: (1) source code distributions +# retain the above copyright notice and this paragraph in its entirety, (2) +# distributions including binary code include the above copyright notice and +# this paragraph in its entirety in the documentation or other materials +# provided with the distribution, and (3) all advertising materials mentioning +# features or use of this software display the following acknowledgement: +# ``This product includes software developed by the University of California, +# Lawrence Berkeley Laboratory and its contributors.'' Neither the name of +# the University nor the names of its contributors may be used to endorse +# or promote products derived from this software without specific prior +# written permission. +# THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. +# +# @(#) $Header: /Users/olsen/Code/cvs2svn-2010/os4-cvs-repository/contrib/roadshow/client-software/tcpdump-3.8.1/Makefile.in,v 1.2 2004-09-22 15:40:54 olsen Exp $ (LBL) + +# +# Various configurable paths (remember to edit Makefile.in, not Makefile) +# + +# Top level hierarchy +prefix = @prefix@ +exec_prefix = @exec_prefix@ +# Pathname of directory to install the binary +sbindir = @sbindir@ +# Pathname of directory to install the man page +mandir = @mandir@ + +# VPATH +srcdir = @srcdir@ +VPATH = @srcdir@ + +# +# You shouldn't need to edit anything below here. +# + +CC = @CC@ +PROG = tcpdump +CCOPT = @V_CCOPT@ +INCLS = -I. @V_INCLS@ +DEFS = @DEFS@ @V_DEFS@ + +# Standard CFLAGS +CFLAGS = $(CCOPT) $(DEFS) $(INCLS) + +# Standard LDFLAGS +LDFLAGS = @LDFLAGS@ + +# Standard LIBS +LIBS = @LIBS@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_DATA = @INSTALL_DATA@ + +# Explicitly define compilation rule since SunOS 4's make doesn't like gcc. +# Also, gcc does not remove the .o before forking 'as', which can be a +# problem if you don't own the file but can write to the directory. +.c.o: + @rm -f $@ + $(CC) $(CFLAGS) -c $(srcdir)/$*.c + +CSRC = addrtoname.c gmpls.c gmt2local.c machdep.c parsenfsfh.c \ + print-802_11.c print-ah.c print-arcnet.c print-aodv.c \ + print-arp.c print-ascii.c print-atalk.c print-atm.c \ + print-beep.c print-bfd.c print-bgp.c print-bootp.c print-cdp.c \ + print-chdlc.c print-cip.c print-cnfp.c print-decnet.c \ + print-domain.c print-dvmrp.c print-enc.c print-egp.c \ + print-esp.c print-ether.c print-fddi.c print-fr.c \ + print-gre.c print-hsrp.c print-icmp.c print-igmp.c \ + print-igrp.c print-ip.c print-ipcomp.c print-ipfc.c \ + print-ipx.c print-isakmp.c print-isoclns.c print-krb.c \ + print-l2tp.c print-lane.c print-ldp.c print-llc.c \ + print-lwres.c print-mobile.c print-mpls.c print-msdp.c \ + print-nfs.c print-ntp.c print-null.c print-ospf.c \ + print-pflog.c print-pim.c print-ppp.c print-pppoe.c \ + print-pptp.c print-radius.c print-raw.c print-rip.c \ + print-rsvp.c print-rx.c print-sctp.c print-sl.c print-sll.c \ + print-snmp.c print-stp.c print-sunatm.c print-sunrpc.c \ + print-tcp.c print-telnet.c print-tftp.c print-timed.c \ + print-token.c print-udp.c print-vjc.c print-vrrp.c \ + print-wb.c print-zephyr.c setsignal.c tcpdump.c util.c + +LOCALSRC = @LOCALSRC@ +GENSRC = version.c +LIBOBJS = @LIBOBJS@ + +SRC = $(CSRC) $(GENSRC) $(LOCALSRC) + +# We would like to say "OBJ = $(SRC:.c=.o)" but Ultrix's make cannot +# hack the extra indirection +OBJ = $(CSRC:.c=.o) $(GENSRC:.c=.o) $(LOCALSRC:.c=.o) $(LIBOBJS) +HDR = addrtoname.h appletalk.h bootp.h decnet.h \ + ethertype.h extract.h fddi.h gmt2local.h igrp.h interface.h \ + ipx.h llc.h machdep.h mib.h nfsfh.h nfsv2.h ntp.h ospf.h \ + setsignal.h \ + gnuc.h ipsec_doi.h isakmp.h l2tp.h nameser.h \ + netbios.h oakley.h ospf6.h ppp.h route6d.h + +TAGHDR = \ + /usr/include/arpa/tftp.h \ + /usr/include/net/if_arp.h \ + /usr/include/net/slip.h \ + /usr/include/netinet/if_ether.h \ + /usr/include/netinet/in.h \ + /usr/include/netinet/ip_icmp.h \ + /usr/include/netinet/tcp.h \ + /usr/include/netinet/udp.h \ + /usr/include/protocols/routed.h + +TAGFILES = $(SRC) $(HDR) $(TAGHDR) + +CLEANFILES = $(PROG) $(OBJ) $(GENSRC) + +all: $(PROG) + +$(PROG): $(OBJ) @V_PCAPDEP@ + @rm -f $@ + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(OBJ) $(LIBS) + +datalinks.o: $(srcdir)/missing/datalinks.c + $(CC) $(CFLAGS) -o $@ -c $(srcdir)/missing/datalinks.c +dlnames.o: $(srcdir)/missing/dlnames.c + $(CC) $(CFLAGS) -o $@ -c $(srcdir)/missing/dlnames.c +getnameinfo.o: $(srcdir)/missing/getnameinfo.c + $(CC) $(CFLAGS) -o $@ -c $(srcdir)/missing/getnameinfo.c +getaddrinfo.o: $(srcdir)/missing/getaddrinfo.c + $(CC) $(CFLAGS) -o $@ -c $(srcdir)/missing/getaddrinfo.c +inet_pton.o: $(srcdir)/missing/inet_pton.c + $(CC) $(CFLAGS) -o $@ -c $(srcdir)/missing/inet_pton.c +inet_ntop.o: $(srcdir)/missing/inet_ntop.c + $(CC) $(CFLAGS) -o $@ -c $(srcdir)/missing/inet_ntop.c +inet_aton.o: $(srcdir)/missing/inet_aton.c + $(CC) $(CFLAGS) -o $@ -c $(srcdir)/missing/inet_aton.c +snprintf.o: $(srcdir)/missing/snprintf.c + $(CC) $(CFLAGS) -o $@ -c $(srcdir)/missing/snprintf.c +strlcat.o: $(srcdir)/missing/strlcat.c + $(CC) $(CFLAGS) -o $@ -c $(srcdir)/missing/strlcat.c +strlcpy.o: $(srcdir)/missing/strlcpy.c + $(CC) $(CFLAGS) -o $@ -c $(srcdir)/missing/strlcpy.c +strsep.o: $(srcdir)/missing/strsep.c + $(CC) $(CFLAGS) -o $@ -c $(srcdir)/missing/strsep.c + +version.o: version.c + $(CC) $(CFLAGS) -c version.c + +version.c: $(srcdir)/VERSION + @rm -f $@ + sed -e 's/.*/char version[] = "&";/' $(srcdir)/VERSION > $@ + +install: + [ -d $(DESTDIR)$(sbindir) ] || \ + (mkdir -p $(DESTDIR)$(sbindir); chmod 755 $(DESTDIR)$(sbindir)) + $(INSTALL_PROGRAM) $(PROG) $(DESTDIR)$(sbindir)/$(PROG) + [ -d $(DESTDIR)$(mandir)/man1 ] || \ + (mkdir -p $(DESTDIR)$(mandir)/man1; chmod 755 $(DESTDIR)$(mandir)/man1) + $(INSTALL_DATA) $(srcdir)/$(PROG).1 $(DESTDIR)$(mandir)/man1/$(PROG).1 + +uninstall: + rm -f $(DESTDIR)$(sbindir)/$(PROG) + rm -f $(DESTDIR)$(mandir)/man1/$(PROG).1 + +lint: $(GENSRC) + lint -hbxn $(SRC) | \ + grep -v 'struct/union .* never defined' | \ + grep -v 'possible pointer alignment problem' + +clean: + rm -f $(CLEANFILES) + +distclean: + rm -f $(CLEANFILES) Makefile config.cache config.log config.status \ + config.h gnuc.h os-proto.h stamp-h stamp-h.in + +tags: $(TAGFILES) + ctags -wtd $(TAGFILES) + +tar: + @cwd=`pwd` ; dir=`basename $$cwd` ; name=$(PROG)-`cat VERSION` ; \ + list="" ; tar="tar chf" ; \ + for i in `cat FILES` ; do list="$$list $$name/$$i" ; done; \ + echo \ + "rm -f ../$$name; ln -s $$dir ../$$name" ; \ + rm -f ../$$name; ln -s $$dir ../$$name ; \ + echo \ + "(cd .. ; $$tar - [lots of files]) | compress > /tmp/$$name.tar.Z" ; \ + (cd .. ; $$tar - $$list) | compress > /tmp/$$name.tar.Z ; \ + echo \ + "rm -f ../$$name" ; \ + rm -f ../$$name + +depend: $(GENSRC) + ${srcdir}/mkdep -c $(CC) $(DEFS) $(INCLS) $(SRC) diff --git a/PLATFORMS b/PLATFORMS new file mode 100755 index 0000000..2e1aedf --- /dev/null +++ b/PLATFORMS @@ -0,0 +1,9 @@ +== Tested platforms == +NetBSD 1.5/i386 (mcr - 2002/1/1) +Debian Linux (woody/i386) (mcr - 2002/1/1) + +--- +RedHat Linux 6.1/i386 (assar) +FreeBSD 2.2.8/i386 (itojun) + + diff --git a/README b/README new file mode 100755 index 0000000..103a454 --- /dev/null +++ b/README @@ -0,0 +1,234 @@ +@(#) $Header: /Users/olsen/Code/cvs2svn-2010/os4-cvs-repository/contrib/roadshow/client-software/tcpdump-3.8.1/README,v 1.2 2004-09-22 15:40:54 olsen Exp $ (LBL) + +TCPDUMP 3.8 +Now maintained by "The Tcpdump Group" +See www.tcpdump.org + +Please send inquiries/comments/reports to tcpdump-workers@tcpdump.org + +Anonymous CVS is available via: + cvs -d :pserver:cvs.tcpdump.org:/tcpdump/master login + (password "anoncvs") + cvs -d :pserver:cvs.tcpdump.org:/tcpdump/master checkout tcpdump + +Version 3.8 of TCPDUMP can be retrived with the CVS tag "tcpdump_3_8rel1": + cvs -d :pserver:cvs.tcpdump.org:/tcpdump/master checkout -r tcpdump_3_8rel1 tcpdump + +Please send patches against the master copy to patches@tcpdump.org. + +formerly from Lawrence Berkeley National Laboratory + Network Research Group + ftp://ftp.ee.lbl.gov/tcpdump.tar.Z (3.4) + +This directory contains source code for tcpdump, a tool for network +monitoring and data acquisition. This software was originally +developed by the Network Research Group at the Lawrence Berkeley +National Laboratory. The original distribution is available via +anonymous ftp to ftp.ee.lbl.gov, in tcpdump.tar.Z. More recent +development is performed at tcpdump.org, http://www.tcpdump.org/ + +Tcpdump uses libpcap, a system-independent interface for user-level +packet capture. Before building tcpdump, you must first retrieve and +build libpcap, also originally from LBL and now being maintained by +tcpdump.org; see http://www.tcpdump.org/ . + +Once libpcap is built (either install it or make sure it's in +../libpcap), you can build tcpdump using the procedure in the INSTALL +file. + +The program is loosely based on SMI's "etherfind" although none of the +etherfind code remains. It was originally written by Van Jacobson as +part of an ongoing research project to investigate and improve tcp and +internet gateway performance. The parts of the program originally +taken from Sun's etherfind were later re-written by Steven McCanne of +LBL. To insure that there would be no vestige of proprietary code in +tcpdump, Steve wrote these pieces from the specification given by the +manual entry, with no access to the source of tcpdump or etherfind. + +Over the past few years, tcpdump has been steadily improved by the +excellent contributions from the Internet community (just browse +through the CHANGES file). We are grateful for all the input. + +Richard Stevens gives an excellent treatment of the Internet protocols +in his book ``TCP/IP Illustrated, Volume 1''. If you want to learn more +about tcpdump and how to interpret its output, pick up this book. + +Some tools for viewing and analyzing tcpdump trace files are available +from the Internet Traffic Archive: + + http://www.acm.org/sigcomm/ITA/ + +Another tool that tcpdump users might find useful is tcpslice: + + ftp://ftp.ee.lbl.gov/tcpslice.tar.Z + +It is a program that can be used to extract portions of tcpdump binary +trace files. See the above distribution for further details and +documentation. + +Problems, bugs, questions, desirable enhancements, etc. should be sent +to the address "tcpdump-workers@tcpdump.org". Bugs, support requests, +and feature requests may also be submitted on the SourceForge site for +tcpdump at + + http://sourceforge.net/projects/tcpdump/ + +Source code contributions, etc. should be sent to the email address +"patches@tcpdump.org", or submitted as patches on the SourceForge site +for tcpdump. + +Current versions can be found at www.tcpdump.org, or the SourceForge +site for tcpdump. + + - The TCPdump team + +original text by: Steve McCanne, Craig Leres, Van Jacobson + +------------------------------------- +This directory also contains some short awk programs intended as +examples of ways to reduce tcpdump data when you're tracking +particular network problems: + +send-ack.awk + Simplifies the tcpdump trace for an ftp (or other unidirectional + tcp transfer). Since we assume that one host only sends and + the other only acks, all address information is left off and + we just note if the packet is a "send" or an "ack". + + There is one output line per line of the original trace. + Field 1 is the packet time in decimal seconds, relative + to the start of the conversation. Field 2 is delta-time + from last packet. Field 3 is packet type/direction. + "Send" means data going from sender to receiver, "ack" + means an ack going from the receiver to the sender. A + preceding "*" indicates that the data is a retransmission. + A preceding "-" indicates a hole in the sequence space + (i.e., missing packet(s)), a "#" means an odd-size (not max + seg size) packet. Field 4 has the packet flags + (same format as raw trace). Field 5 is the sequence + number (start seq. num for sender, next expected seq number + for acks). The number in parens following an ack is + the delta-time from the first send of the packet to the + ack. A number in parens following a send is the + delta-time from the first send of the packet to the + current send (on duplicate packets only). Duplicate + sends or acks have a number in square brackets showing + the number of duplicates so far. + + Here is a short sample from near the start of an ftp: + 3.00 0.20 send . 512 + 3.20 0.20 ack . 1024 (0.20) + 3.20 0.00 send P 1024 + 3.40 0.20 ack . 1536 (0.20) + 3.80 0.40 * send . 0 (3.80) [2] + 3.82 0.02 * ack . 1536 (0.62) [2] + Three seconds into the conversation, bytes 512 through 1023 + were sent. 200ms later they were acked. Shortly thereafter + bytes 1024-1535 were sent and again acked after 200ms. + Then, for no apparent reason, 0-511 is retransmitted, 3.8 + seconds after its initial send (the round trip time for this + ftp was 1sec, +-500ms). Since the receiver is expecting + 1536, 1536 is re-acked when 0 arrives. + +packetdat.awk + Computes chunk summary data for an ftp (or similar + unidirectional tcp transfer). [A "chunk" refers to + a chunk of the sequence space -- essentially the packet + sequence number divided by the max segment size.] + + A summary line is printed showing the number of chunks, + the number of packets it took to send that many chunks + (if there are no lost or duplicated packets, the number + of packets should equal the number of chunks) and the + number of acks. + + Following the summary line is one line of information + per chunk. The line contains eight fields: + 1 - the chunk number + 2 - the start sequence number for this chunk + 3 - time of first send + 4 - time of last send + 5 - time of first ack + 6 - time of last ack + 7 - number of times chunk was sent + 8 - number of times chunk was acked + (all times are in decimal seconds, relative to the start + of the conversation.) + + As an example, here is the first part of the output for + an ftp trace: + + # 134 chunks. 536 packets sent. 508 acks. + 1 1 0.00 5.80 0.20 0.20 4 1 + 2 513 0.28 6.20 0.40 0.40 4 1 + 3 1025 1.16 6.32 1.20 1.20 4 1 + 4 1561 1.86 15.00 2.00 2.00 6 1 + 5 2049 2.16 15.44 2.20 2.20 5 1 + 6 2585 2.64 16.44 2.80 2.80 5 1 + 7 3073 3.00 16.66 3.20 3.20 4 1 + 8 3609 3.20 17.24 3.40 5.82 4 11 + 9 4097 6.02 6.58 6.20 6.80 2 5 + + This says that 134 chunks were transferred (about 70K + since the average packet size was 512 bytes). It took + 536 packets to transfer the data (i.e., on the average + each chunk was transmitted four times). Looking at, + say, chunk 4, we see it represents the 512 bytes of + sequence space from 1561 to 2048. It was first sent + 1.86 seconds into the conversation. It was last + sent 15 seconds into the conversation and was sent + a total of 6 times (i.e., it was retransmitted every + 2 seconds on the average). It was acked once, 140ms + after it first arrived. + +stime.awk +atime.awk + Output one line per send or ack, respectively, in the form +