Denis Ovsienko wrote:
> The host has an Ethernet interface with only an IPv6 link-local address
> (eth0). On top of it there is a VLAN interface with VID 75 (eth0.75),
> IPv6 link-local address and IPv4 address 10.0.75.254/24. The difference
> is, when tcpdump runs with "-i eth0.7
[...]
> If IPv4 Protocol is TCP, go to 10, else go to 11
>
> > (010) ret #0
>
> Reject packet
>
> > (011) ret #262144
>
> Accept packet
>
> So that *looks* OK.
Thank you for the analysis!
>
> Could you run "tcpdump -i eth0 -xx not tcp" and see what the co
On Tue, Jan 27, 2015 at 4:53 PM, Guy Harris wrote:
>
> On Jan 27, 2015, at 4:46 PM, Jesse Gross wrote:
>
>> I'm working on implementing support for Geneve in libpcap, which is
>> documented here:
>> http://tools.ietf.org/html/draft-gross-geneve-02
>>
>> Geneve is a tunneling protocol than can enc
On Jan 27, 2015, at 4:46 PM, Jesse Gross wrote:
> I'm working on implementing support for Geneve in libpcap, which is
> documented here:
> http://tools.ietf.org/html/draft-gross-geneve-02
>
> Geneve is a tunneling protocol than can encapsulate many different
> things - normally this would be Et
I'm working on implementing support for Geneve in libpcap, which is
documented here:
http://tools.ietf.org/html/draft-gross-geneve-02
Geneve is a tunneling protocol than can encapsulate many different
things - normally this would be Ethernet, IP, or IPv6 but it can be
anything with an EtherType. I
On Jan 27, 2015, at 4:28 PM, Denis Ovsienko wrote:
>
>> I.e., "tcpdump -i eth0 not tcp" prints *only* TCP packets?
>
> Yes, exactly. Just checked once again.
>
>> Just out of curiosity, what does "tcpdump -i eth0 -d not tcp" print?
>
> root@homepc:~# tcpdump -pni eth0 -d not tcp
> (000) ldh
> I.e., "tcpdump -i eth0 not tcp" prints *only* TCP packets?
Yes, exactly. Just checked once again.
> Just out of curiosity, what does "tcpdump -i eth0 -d not tcp" print?
root@homepc:~# tcpdump -pni eth0 -d not tcp
(000) ldh [12]
(001) jeq #0x86dd jt 2jf 7
(002) ldb
On Jan 27, 2015, at 4:09 PM, Denis Ovsienko wrote:
> some time ago I did troubleshooting on a Linux PC and that involved running
> tcpdump with the "not tcp" filter on a few network interfaces to put a number
> of background TCP connections out of scope (I was interested how other
> protocols
List,
some time ago I did troubleshooting on a Linux PC and that involved running
tcpdump with the "not tcp" filter on a few network interfaces to put a number
of background TCP connections out of scope (I was interested how other
protocols' packets were making from one interface to the other).
On Jan 27, 2015, at 1:58 AM, PEUGNEZ Baptiste wrote:
> I do computer security studies and I wanted to test Coverity, a source code
> analysis tool. If you're interested, I corrected a problem in /pcap-linux.c/
> file: uninitialized variable (/req.tp_frame_size/).
>
> You will find above the G
Hello,
I do computer security studies and I wanted to test Coverity, a source
code analysis tool. If you're interested, I corrected a problem in
/pcap-linux.c/ file: uninitialized variable (/req.tp_frame_size/).
You will find above the Github commit.
https://github.com/peugnezb/libpcap/commi
11 matches
Mail list logo