Hello,
+all the frameworks, apps, Finder, etc
A nice system :-)
If DEFAULT_UDP_PORT is 256, then the statement
if (dst_port == 0x0100)
printf(Yes\n);
else
printf(No\n);
will print Yes, regardless of whether it's running on a big-
endian or little-endian machine.
sven,
you need to specify the keyword mpls in order to
shift the offsets to match IP addresses;
i.e.
tcpdump -n -i eth1 -O -vv mpls src net 195.113.0.0/16
pls turn off the optimizer [-O flag] as without tcpdump
returns the error tcpdump: expression rejects all packets;
guy, do you have any
seven,
sorry brain-fart;
the optimizer does the right thing;
the problem is that the bpf_code generation in
conjunction with the keyword mpls is broken;
i'll have a a look at that;
/hannes
--
sven,
you need to specify the keyword mpls in order to
shift the offsets to match IP addresses;
sven,
i have just checked in a fix for MPLS code generation into libpcap HEAD and 0_9:
---
if we have a MPLS label stack deeper 1 then generate a match
for a cleared bottom-of-stack-bit of the previous MPLS shim header
rather than just incrementing the offset;
if there is a compined
Hello,
I am new to the mailing list and also new to pcap, tcpdump, and tcp, in general.
I am trying to capture tcp packets and extract/print all its fields in
readable format. The sniffer works and I was able to print out the
whole packet (in hex) and confirmed it with Ethereal. The struct I
have
Hello, everyone:
I am using dagtools and tcpdump to parse the Leipzig-I trace. The
output is NOT what I expected. Using the same command, I can
successfully parse the Auckland-IV trace.
Anyone can help me??? Thanks a lot!
Zhen
output from parsing Leipzig-I trace, from
Hello, I am using libpcap library to capture ip data from data link. I am
wondering if there is a way to time out reading a packet from data link. For
example, if there is no data coming in 1 second, timer times out and process
will do other things, like nonblocking.
Now I am using pcap_loop
Michael Richardson wrote:
Now, we need to commit the fix :-)
I took that as an indication that I should check in the patch whose URL
I sent to the list; I've checked it into the main and x.9 branches.
There's also the other issue I mentioned:
However, I also noticed that, while -x
On Jul 7, 2005, at 7:45 PM, hong liu wrote:
Hello, I am using libpcap library to capture ip data from data
link. I am wondering if there is a way to time out reading a packet
from data link. For example, if there is no data coming in 1
second, timer times out and process will do other
On Jul 5, 2005, at 9:46 PM, dean gaudet wrote:
i also think the 3.9 behaviour needs some slight modifications, so
i'vemade two changes on top of your patch Guy.
Well, on top of one of the versions of my patch; it's not the version
that got checked in. (I did the original version at work,
On Fri, 8 Jul 2005, Guy Harris wrote:
On Jul 5, 2005, at 9:46 PM, dean gaudet wrote:
i also think the 3.9 behaviour needs some slight modifications, so
i'vemade two changes on top of your patch Guy.
Well, on top of one of the versions of my patch; it's not the version
that got
dear Thinh Ho:
get tcp header with the following way
struct ethhdr *eth;
struct iphdr *ip;
struct tcphdr *tcp;
eth=(struct ethhdr *)packet;
ip=(struct iphdr *)(eth+1);
tcp=(struct tcphdr *)((u_char *)ip+(ip-ihl2));
and you can see linux/tcp.h for
12 matches
Mail list logo
