| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
| |
| |
| |
| |
| |
| |
| | |
atexit() is only specified in standards as returning "a non-zero value"
on error; don't assume it returns -1, even if it's documented as doing
so on some platforms.
pcap_do_addexit() already fills in p->errbuf; don't do so in its callers.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add an if_flags_to_pcap_flags() routine to map the interface name (if
necessary) and IFF_ flags to PCAP_IF_ flags, and call that in the
platform-specific routines. That means that the calls to add to the
interface list don't need to use IFF_ flags, which are UN*Xisms.
Move the routines that update the interface list to fad-helpers.c,
leaving just the legacy APIs in inet.c.
Update finalldevstest to print out all the flags.
|
| | | |
|
| | |
| |
| |
| |
| | |
That way, you can at least get interface flags and time stamping
capabilities without requiring permission to actually open a device.
|
| | |
| |
| |
| |
| | |
That way, uou don't have to have AF_INET support. (You have to have
PF_PACKET support, but you need that for those code paths *anyway*.)
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| | |
Also, calculate the VLAN tag offset for DLT_LINUX_SLL based on the
DLT_LINUX_SLL header length, to make the code clearer.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
On UN*Xes with snprintf(), we just #define pcap_snprintf to snprintf.
On UN*Xes without snprintf(), we provide our own, but call it
pcap_snprintf().
On Windows, we have a routine that wraps _snprintf(), with C99 semantics
(ensuring null termination if the string won't fit), called
pcap_snprintf(), and use that.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| | |
handlep->mondevice is null because strdup() failed; don't pass it to
del_mon_if(), pass what we tried to duplicate.
Fixes Coverity issue 1322848.
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Yes, in some sense, it's an array of bytes - on modern processors, *all*
data is ultimately an array of bytes - but different modules will use it
in different ways, not all of which will be an undifferentiated array of
bytes.
This squelches a complaint from the Clang static analyzer.
Clean up some code while we're at it.
|
| | |
| |
| |
| |
| |
| |
| | |
That catches an admittedly-unlikely-but-not-impossible failure mode, and
cleans up a bit more, removing the newly-created monitor device.
Also clean up better if atexit() fails.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Apparently, RHEL 6.3 and CentOS 6.4 define SO_BPF_EXTENSIONS but not
SKF_AD_VLAN_TAG_PRESENT in the userland header files; the kernel that
comes with them appears not to define or use either of them, so I guess
it doesn't actually support them.
Work around that nonsense by checking for both of them rather than just
for SO_BPF_EXTENSIONS.
Fixes GitHub issue #443.
|
| | |
| |
| |
| | |
Fixes GitHub issue #441.
|
| | | |
|
| | |
| |
| |
| |
| | |
With memory-mapped sockets, you have to call poll() to receive error
indications.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We don't need to do the workaround for not getting wakeups when buffers
are handed to us, nor do we have to do a timeout in poll() for the
benefit of programs that expect the timeout to expire even if no packets
have arrived, so, with TPACKET_V3 in 3.19 and later, we always use a
timeout of -1 for poll().
This eliminates some spurious wakeups from poll(), due to the poll()
call *itself* timing out, that turn into spurious timeouts; see GitHub
issue #383.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Pull the check for the current ring buffer frame being owned by the
kernel out of pcap_wait_for_frames_mmap() and move it to its callers.
Replace most calls to pcap_get_ring_frame() with the appropriate code
for that particular version of tpacket; in most places, it's already
known what version of tpacket we have.
The one remaining place is the place in the pcap_setfilter() code where
we scan backwards to find out which packet buffers have already been
processed by the old filter; change that one *not* to move the current
pointer backwards and then restore it, but to check arbitrary buffers in
the ring. Have a pcap_get_ring_frame_status() routine which gets the
status field of a specified buffer.
When checking a buffer's status, check against TP_STATUS_KERNEL; it's
either exactly TP_STATUS_KERNEL, meaning it's owned by the kernel, or
it's TP_STATUS_USER ORed with zero or more flags, meaning it's owned by
userland.
This makes it a bit more obvious, in the pcap_read_linux_mmap_XXX
routines, what's being done.
|
| | |
| |
| |
| |
| | |
Instead, save it in the private per-handle structure, calculate it at
activate time, and recalculate it every time it needs to change.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes build failures like:
./pcap-linux.c: In function ‘is_bonding_device’:
./pcap-linux.c:962: error: ‘ifbond’ undeclared (first use in this function)
./pcap-linux.c:962: error: (Each undeclared identifier is reported only once
./pcap-linux.c:962: error: for each function it appears in.)
./pcap-linux.c:962: error: expected ‘;’ before ‘ifb’
./pcap-linux.c:966: error: ‘ifb’ undeclared (first use in this function)
|
| |/
|
|
|
|
|
| |
Use it to free up all memory attached to the pcap_t, as well as the
pcap_t itself; that closes some memory leaks.
Fixes GitHub issue #432.
|
| |
|
|
|
|
|
|
|
| |
Bonding devices on Linux return ENODEV for unknown socket ioctls, rather
than returning a normal "not supported" error such as ENOTSUP or
EOPNOTSUPP or ENOTTY, so, if we try Wireless Extension ioctls on them,
we get "no such device" errors rather than "no Wireless Extensions"
errors. Check for bonding devices, if possible, and avoid doing
Wireless Extensions ioctls on them.
|
| | |
|
| | |
|
| | |
|
| |\
| |
| | |
remove duplicate includes, align h1_64 with the other struct members
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Have a gauntlet of ISAs where the ISA has both 32-bit and 64-bit
flavors and Linux has supported the 64-bit flavor since before
TPACKET_V2 as introduced; define ISA_64_BIT to the uname() .machine
value for the 64-bit architecture, and compare against that, rather than
a hardcoded "x86_64".
Clean up white space, expand some comments, and check whether uname()
fails.
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
| |
Try TPACKET_V3 first, if it's defined and if immediate mode was not
requested; return if that succeeds or if it fails for a reason other
than "the kernel doesn't support TPACKET_V3". Then try TPACKET_V2, if
it's defined; return if that succeeds or fails for a reson other than
"the kernel doesn't support TPACKET_V2". Then go with TPACKET_V1 or
TPACKET_V1_64.
Don't set handlep->tp_version to TPACKET_V1 and handlep->tp_hdrlen to
sizeof(struct tpacket_hdr) until after we've found out that the kernel
supports neither TPACKET_V2 nor TPACKET_V3; init_tpacket() sets them if
it succeeds.
|
| | |
|
| | |
|
| |
|
|
|
| |
This is a port of the patch from an earlier bug report:
https://bugzilla.redhat.com/show_bug.cgi?id=557728
|
| |
|
|
|
|
|
|
|
| |
If there's a /sys/class/net/{device}/wireless directory for {device},
then it's a Wi-Fi device; check that first, and only use the wireless
extensions if that directory doesn't exist, to handle kernels that don't
have /sys or do but don't have /sys/class/net/{device}/wireless
directories. That way, we don't depend on Wi-Fi devices (or the kernel)
supporting the wireless extensions, at least for newer kernels.
|
| | |
|
| | |
|
| |
|
|
|
| |
Don't define iface_get_offload(), or anything it uses, if
HAVE_PACKET_RING isn't defined.
|
| |\
| |
| | |
Add the --disable-packet-ring configure option.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This allows the creation of 32-bit binaries that are compatible with
64-bit Linux kernels before version 2.6.27.
Original patch credit: David Fifield of the Nmap project
(https://svn.nmap.org/nmap/libpcap/NMAP_MODIFICATIONS/0002-Add-the-disable-packet-ring-configure-option.patch)
|
| |\ \
| | |
| | | |
pcap-linux: Obtain VLAN TPID from the kernel when available
|
| | | |
| | |
| | |
| | | |
Unify the VLAN TPID selection logic into a helper macro VLAN_TPID().
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
The VLAN TPID was hardcoded in pcap-linux.c but recent Linux kernel
supports 802.1ad Q-in-Q.
Since Linux 3.14, kernel gives the TPID value to the userspace when
available.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If filtering in userland and capturing on a cooked interface, the packet buffer
being sent to bpf_filter_with_aux_data did not include the sll header, so the
filter was being applied improperly. The buffer would start at the layer3
header.
This change moves the code to fill out the sll structure and update the bp
pointer to point to it to before the call to bpf_filter_with_aux_data.
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | | |
See, for example, GitHub libpcap issue #404.
|
| | | |
| | |
| | |
| | | |
The file descriptor was not closed in the right place
|
| | | |
| | |
| | |
| | | |
The variable "len" contains the buffer size "& bpf_extensions" but len is not initialized.
|
