Hi, here is a very quick fix so that at least tcpick does not segfault.
tcpick will abort like this with this patch: # tcpick -r /tmp/tcpick_test.pcap -a -Y -yP -n "not port 22" tcpick: invalid option -- Y Starting tcpick 0.2.1 at 2006-04-03 21:16 CEST Timeout for connections is 600 tcpick: reading from /tmp/tcpick_test.pcap setting filter: "not port 22" 1 SYN-SENT 10.1.7.1:1025 > 10.1.7.3:443 seqprobe .8...........1.7.1.10.in-addr.arpa..... SUICIDE: [got_packet] payload lenght calculated with iplen and hdr->len differs by -10 bytes hdr->len = 64 datalink_size = 14 IP_SIZE = 20 iplen = 40 tcp_size = 20 iplen - IP_SIZE - tcp_size = 0 (hdr->len - (int)( payload - packet ) = 10 3 packets captured 1 tcp sessions detected Regards, -- Cédric Delfosse, http://cdelfosse.free.fr Get a free backup server: http://lrs.linbox.org !
--- loop.c.orig 2006-04-03 21:39:35.000000000 +0200 +++ loop.c 2006-04-03 21:39:56.000000000 +0200 @@ -69,7 +69,6 @@ payload = (u_char *)(packet + datalink_size + IP_SIZE + tcp_size); payload_len = iplen - IP_SIZE - tcp_size; -#ifdef TCPICK_DEBUG if( payload_len != (hdr->len - (int)( payload - packet ) ) ) { suicide( "got_packet", "payload lenght calculated with iplen and hdr->len\n" @@ -92,7 +91,6 @@ ); } -#endif /* TCPICK_DEBUG */ if( flags.header > 0 ) display_header( stdout, ippacket, tcppacket,
signature.asc
Description: Ceci est une partie de message numériquement signée