diff options
| author | Elliott Hughes <enh@google.com> | 2017-12-20 01:01:04 +0000 |
|---|---|---|
| committer | android-build-merger <android-build-merger@google.com> | 2017-12-20 01:01:04 +0000 |
| commit | ed8f20d5079ec3d960d9c2bb7118ef3e808a06a7 (patch) | |
| tree | 50f775e61bd2e27a2d87eb6b4cea8162e50a947f | |
| parent | a9b933680b81642b4498c2db1d91f7ea4982d7f6 (diff) | |
| parent | 403326dc29eceff6ec70ba688741e6583ea0cea8 (diff) | |
| download | tcpdump-ed8f20d5079ec3d960d9c2bb7118ef3e808a06a7.tar.gz | |
Merge "Upgrade to tcpdump 4.9.1." am: 4901a3d370 am: a12065713d
am: 403326dc29
Change-Id: I22f1a42adfc06986be6d03c6c9bb42dbbddf33a5
| -rw-r--r-- | CHANGES | 63 | ||||
| -rw-r--r-- | CONTRIBUTING | 62 | ||||
| -rw-r--r-- | CREDITS | 6 | ||||
| -rw-r--r-- | INSTALL.txt | 1 | ||||
| -rw-r--r-- | PLATFORMS | 21 | ||||
| -rw-r--r-- | README.md | 34 | ||||
| -rw-r--r-- | README.version | 4 | ||||
| -rw-r--r-- | VERSION | 2 | ||||
| -rw-r--r-- | aclocal.m4 | 2 | ||||
| -rwxr-xr-x | configure | 2 | ||||
| -rw-r--r-- | print-m3ua.c | 2 | ||||
| -rw-r--r-- | print-ppp.c | 2 | ||||
| -rw-r--r-- | print-stp.c | 2 | ||||
| -rw-r--r-- | tcpdump.1.in | 197 | ||||
| -rw-r--r-- | tcpdump.c | 19 | ||||
| -rw-r--r-- | tests/TESTLIST | 532 | ||||
| -rwxr-xr-x | tests/TESTonce | 4 | ||||
| -rwxr-xr-x | tests/crypto.sh | 28 | ||||
| -rwxr-xr-x | tests/isis-seg-fault-1-v.sh | 6 | ||||
| -rwxr-xr-x | tests/lmp-v.sh | 7 | ||||
| -rwxr-xr-x | tests/nflog-e.sh | 7 | ||||
| -rw-r--r-- | tests/stp-v4-length-sigsegv.out | 1 | ||||
| -rw-r--r-- | tests/stp-v4-length-sigsegv.pcap | bin | 0 -> 324 bytes | |||
| -rw-r--r-- | version.c | 2 |
24 files changed, 553 insertions, 453 deletions
@@ -1,10 +1,16 @@ +Sunday July 23, 2017 denis@ovsienko.info + Summary for 4.9.1 tcpdump release + CVE-2017-11108/Fix bounds checking for STP. + Make assorted documentation updates and fix a few typos in tcpdump output. + Fixup -C for file size >2GB (GH #488). + Show AddressSanitizer presence in version output. + Fix a bug in test scripts (exposed in GH #613). + On FreeBSD adjust Capsicum capabilities for netmap. + On Linux fix a use-after-free when the requested interface does not exist. + Wednesday January 18, 2017 devel.fx.lebail@orange.fr Summary for 4.9.0 tcpdump release General updates: - Improve separation frontend/backend (tcpdump/libnetdissect) - Don't require IPv6 library support in order to support IPv6 addresses - Introduce data types to use for integral values in packet structures - Fix display of timestamps with -tt, -ttt and -ttttt options Fix some heap overflows found with American Fuzzy Lop by Hanno Boeck and others (More information in the log with CVE-2016-* and CVE-2017-*) Change the way protocols print link-layer addresses (Fix heap overflows @@ -35,14 +41,6 @@ Wednesday January 18, 2017 devel.fx.lebail@orange.fr Don't drop CAP_SYS_CHROOT before chrooting Fixes issue where statistics not reported when -G and -W options used - New printers supporting: - Generic Protocol Extension for VXLAN (VXLAN-GPE) - Home Networking Control Protocol (HNCP), RFCs 7787 and 7788 - Locator/Identifier Separation Protocol (LISP), type 3 and type 4 packets - Marvell Extended Distributed Switch Architecture header (MEDSA) - Network Service Header (NSH) - REdis Serialization Protocol (RESP) - Updated printers: 802.11: Beginnings of 11ac radiotap support 802.11: Check the Protected bit for management frames @@ -61,7 +59,6 @@ Wednesday January 18, 2017 devel.fx.lebail@orange.fr ATM: Fix an incorrect bounds check BFD: Update specification from draft to RFC 5880 BFD: Update to print optional authentication field - BGP: Add decoding of ADD-PATH capability BGP: Add support for the AIGP attribute (RFC7311) BGP: Print LARGE_COMMUNITY Path Attribute BGP: Update BGP numbers from IANA; Print minor values for FSM notification @@ -78,7 +75,6 @@ Wednesday January 18, 2017 devel.fx.lebail@orange.fr DTP: Improve packet integrity checks EGP: Fix bounds checks ESP: Don't use OpenSSL_add_all_algorithms() in OpenSSL 1.1.0 or later - ESP: Handle OpenSSL 1.1.x Ethernet: Add some bounds checking before calling isoclns_print (Fix a heap overflow) Ethernet: Print the Length/Type field as length when needed FDDI: Fix -e output for FDDI @@ -87,7 +83,6 @@ Wednesday January 18, 2017 devel.fx.lebail@orange.fr Geneve: Fix error message with invalid option length; Update list option classes HNCP: Fix incorrect time interval format. Fix handling of IPv4 prefixes ICMP6: Fetch a 32-bit big-endian quantity with EXTRACT_32BITS() - ICMP6: dagid is always an IPv6 address, not an opaque 128-bit string IGMP: Add a length check IP: Add a bounds check (Fix a heap overflow) IP: Check before fetching the protocol version (Fix a heap overflow) @@ -115,7 +110,6 @@ Wednesday January 18, 2017 devel.fx.lebail@orange.fr MPLS LSP ping: Update printing for RFC 4379, bug fixes, more bounds checks MPLS: "length" is now the *remaining* packet length MPLS: Add bounds and length checks (Fix a heap overflow) - NFS: Add a test that makes unaligned accesses NFS: Don't assume the ONC RPC header is nicely aligned NFS: Don't overflow the Opaque_Handle buffer (Fix a segmentation fault) NFS: Don't run past the end of an NFSv3 file handle @@ -130,7 +124,6 @@ Wednesday January 18, 2017 devel.fx.lebail@orange.fr PGM: Print the formatted IP address, not the raw binary address, as a string PIM: Add some bounds checking (Fix a heap overflow) PIMv2: Fix checksumming of Register messages - PPI: Pass an adjusted struct pcap_pkthdr to the sub-printer PPP: Add some bounds checks (Fix a heap overflow) PPP: Report invalid PAP AACK/ANAK packets Q.933: Add a missing bounds check @@ -171,16 +164,46 @@ Wednesday January 18, 2017 devel.fx.lebail@orange.fr UDLD: Fix an infinite loop UDP: Add a bounds check (Fix a heap overflow) UDP: Check against the packet length first - UDP: Don't do the DDP-over-UDP heuristic check up front VAT: Add some bounds checks VTP: Add a test on Mgmt Domain Name length VTP: Add bounds checks and filter out non-printable characters VXLAN: Add a bound check and a test case ZeroMQ: Fix an infinite loop -Tuesday April 14, 2015 guy@alum.mit.edu - Summary for 4.8.0 tcpdump release +Tuesday October 25, 2016 mcr@sandelman.ca + Summary for 4.8.1 tcpdump release Fix "-x" for Apple PKTAP and PPI packets + Improve separation frontend/backend (tcpdump/libnetdissect) + Fix display of timestamps with -tt, -ttt and -ttttt options + Add support for the Marvell Extended Distributed Switch Architecture header + Use PRIx64 to print a 64-bit number in hex. + Printer for HNCP (RFCs 7787 and 7788). + dagid is always an IPv6 address, not an opaque 128-bit string, and other fixes to RPL printer. + RSVP: Add bounds and length checks + OSPF: Do more bounds checking + Handle OpenSSL 1.1.x. + Initial support for the REdis Serialization Protocol known as RESP. + Add printing function for Generic Protocol Extension for VXLAN + draft-ietf-nvo3-vxlan-gpe-01 + Network Service Header: draft-ietf-sfc-nsh-01 + Don't recompile the filter if the new file has the same DLT. + Pass an adjusted struct pcap_pkthdr to the sub-printer. + Add three test cases for already fixed CVEs + CVE-2014-8767: OLSR + CVE-2014-8768: Geonet + CVE-2014-8769: AODV + Don't do the DDP-over-UDP heuristic first: GitHub issue #499. + Use the new debugging routines in libpcap. + Harmonize TCP source or destination ports tests with UDP ones + Introduce data types to use for integral values in packet structures. + RSVP: Fix an infinite loop + Support of Type 3 and Type 4 LISP packets. + Don't require IPv6 library support in order to support IPv6 addresses. + Many many changes to support libnetdissect usage. + Add a test that makes unaligned accesses: GitHub issue #478. + add a DNSSEC test case: GH #445 and GH #467. + BGP: add decoding of ADD-PATH capability + fixes to LLC header printing, and RFC948-style IP packets Friday April 10, 2015 guy@alum.mit.edu Summary for 4.7.4 tcpdump release diff --git a/CONTRIBUTING b/CONTRIBUTING index 5d3b46e0..186583ed 100644 --- a/CONTRIBUTING +++ b/CONTRIBUTING @@ -3,6 +3,44 @@ Some Information for Contributors You want to contribute to Tcpdump, Thanks! Please, read these lines. + +How to report bugs and other problems +------------------------------------- +To report a security issue (segfault, buffer overflow, infinite loop, arbitrary +code execution etc) please send an e-mail to security@tcpdump.org, do not use +the bug tracker! + +To report a non-security problem (failure to compile, incorrect output in the +protocol printout, missing support for a particular protocol etc) please check +first that it reproduces with the latest stable release of tcpdump and the latest +stable release of libpcap. If it does, please check that the problem reproduces +with the current git master branch of tcpdump and the current git master branch of +libpcap. If it does (and it is not a security-related problem, otherwise see +above), please navigate to https://github.com/the-tcpdump-group/tcpdump/issues +and check if the problem has already been reported. If it has not, please open +a new issue and provide the following details: + +* tcpdump and libpcap version (tcpdump --version) +* operating system name and version and any other details that may be relevant + (uname -a, compiler name and version, CPU type etc.) +* configure flags if any were used +* statement of the problem +* steps to reproduce + +Please note that if you know exactly how to solve the problem and the solution +would not be too intrusive, it would be best to contribute some development time +and open a pull request instead as discussed below. + +Still not sure how to do? Feel free to [subscribe](http://www.tcpdump.org/#mailing-lists) +to the mailing list tcpdump-workers@lists.tcpdump.org and ask! + + +How to add new code and to update existing code +----------------------------------------------- + +0) Check that there isn't a pull request already opened for the changes you + intend to make. + 1) Fork the Tcpdump repository on GitHub from https://github.com/the-tcpdump-group/tcpdump (See https://help.github.com/articles/fork-a-repo/) @@ -12,8 +50,11 @@ Please, read these lines. on Linux and OSX before sending pull requests. (See http://docs.travis-ci.com/user/getting-started/) -3) Clone your repository +3) Setup your git working copy git clone https://github.com/<username>/tcpdump.git + cd tcpdump + git remote add upstream https://github.com/the-tcpdump-group/tcpdump + git fetch upstream 4) Do a 'touch .devel' in your working directory. Currently, the effect is @@ -47,19 +88,26 @@ Please, read these lines. 7) Test with 'make check' Don't send a pull request if 'make check' gives failed tests. -8) Rebase your commits against upstream/master - (To keep linearity) +8) Try to rebase your commits to keep the history simple. + git rebase upstream/master + (If the rebase fails and you cannot resolve, issue "git rebase --abort" + and ask for help in the pull request comment.) -9) Initiate and send a pull request +9) Once 100% happy, put your work into your forked repository. + git push + +10) Initiate and send a pull request (See https://help.github.com/articles/using-pull-requests/) -Some remarks ------------- + +Code style and generic remarks +------------------------------ a) A thorough reading of some other printers code is useful. b) Put the normative reference if any as comments (RFC, etc.). -c) Put the format of packets/headers/options as comments. +c) Put the format of packets/headers/options as comments if there is no + published normative reference. d) The printer may receive incomplete packet in the buffer, truncated at any random position, for example by capturing with '-s size' option. @@ -39,6 +39,7 @@ Additional people who have contributed patches: Bjoern A. Zeeb <bzeeb at Zabbadoz dot NeT> Bram <tcpdump at mail dot wizbit dot be> Brent L. Bates <blbates at vigyan dot com> + Brian Carpenter <brian dot carpenter at gmail dot com> Brian Ginsbach <ginsbach at cray dot com> Bruce M. Simpson <bms at spc dot org> Carles Kishimoto Bisbe <ckishimo at ac dot upc dot es> @@ -54,6 +55,7 @@ Additional people who have contributed patches: Craig Rodrigues <rodrigc at mediaone dot net> Crist J. Clark <cjclark at alum dot mit dot edu> Daniel Hagerty <hag at ai dot mit dot edu> + Daniel Lee <Longinus00 at gmail dot com> Darren Reed <darrenr at reed dot wattle dot id dot au> David Binderman <d dot binderman at virgin dot net> David Horn <dhorn2000 at gmail dot com> @@ -85,6 +87,7 @@ Additional people who have contributed patches: Greg Stark <gsstark at mit dot edu> Hank Leininger <tcpdump-workers at progressive-comp dot com> Hannes Viertel <hviertel at juniper dot net> + Hanno Böck <hanno at hboeck dot de> Harry Raaymakers <harryr at connect dot com dot au> Heinz-Ado Arnolds <Ado dot Arnolds at dhm-systems dot de> Hendrik Scholz <hendrik at scholz dot net> @@ -111,6 +114,7 @@ Additional people who have contributed patches: Juliusz Chroboczek <jch at pps dot jussieu dot fr> Kaarthik Sivakumar <kaarthik at torrentnet dot com> Kaladhar Musunuru <kaladharm at sourceforge dot net> + Kamil Frankowicz <kontakt at frankowicz dot me> Karl Norby <karl-norby at sourceforge dot net> Kazushi Sugyo <sugyo at pb dot jp dot nec dot com> Kelly Carmichael <kcarmich at ipapp dot com> @@ -123,7 +127,6 @@ Additional people who have contributed patches: Larry Lile <lile at stdio dot com> Lennert Buytenhek <buytenh at gnu dot org> Loganaden Velvindron <logan at elandsys dot com> - Daniel Lee <Longinus00 at gmail dot com> Loris Degioanni <loris at netgroup-serv dot polito dot it> Love Hörnquist-Åstrand <lha at stacken dot kth dot se> Lucas C. Villa Real <lucasvr at us dot ibm dot com> @@ -166,6 +169,7 @@ Additional people who have contributed patches: Paolo Abeni <paolo dot abeni at email dot it> Pascal Hennequin <pascal dot hennequin at int-evry dot fr> Pasvorn Boonmark <boonmark at juniper dot net> + Patrik Lundquist <patrik dot lundquist at gmail dot com> Paul Ferrell <pflarr at sourceforge dot net> Paul Mundt <lethal at linux-sh dot org> Paul S. Traina <pst at freebsd dot org> diff --git a/INSTALL.txt b/INSTALL.txt index f91d004a..57d4a450 100644 --- a/INSTALL.txt +++ b/INSTALL.txt @@ -37,6 +37,7 @@ Please see "PLATFORMS" for notes about tested platforms. FILES ----- CHANGES - description of differences between releases +CONTRIBUTING - guidelines for contributing CREDITS - people that have helped tcpdump along INSTALL.txt - this file LICENSE - the license under which tcpdump is distributed @@ -1,9 +1,16 @@ -== Tested platforms == -NetBSD 5.1/i386 (mcr - 2012/4/1) -Debian Linux (squeeze/i386) (mcr - 2012/4/1) - ---- -RedHat Linux 6.1/i386 (assar) -FreeBSD 2.2.8/i386 (itojun) +In many operating systems tcpdump is available as a native package or port, +which simplifies installation of updates and long-term maintenance. However, +the native packages are sometimes a few versions behind and to try a more +recent snapshot it will take to compile tcpdump from the source code. +tcpdump compiles and works on at least the following platforms: +* AIX +* FreeBSD +* HP-UX 11i +* Linux (any) with glibc (usually just works) +* Linux (any) with musl libc (sometimes fails to compile, please report any bugs) +* Mac OS X / macOS +* NetBSD +* OpenWrt +* Solaris @@ -3,25 +3,21 @@ [](https://travis-ci.org/the-tcpdump-group/tcpdump) -TCPDUMP 4.x.y -Now maintained by "The Tcpdump Group" -See www.tcpdump.org +To report a security issue please send an e-mail to security@tcpdump.org. -Please send inquiries/comments/reports to: +To report bugs and other problems, contribute patches, request a +feature, provide generic feedback etc please see the file +CONTRIBUTING in the tcpdump source tree root. -* tcpdump-workers@lists.tcpdump.org +TCPDUMP 4.x.y +Now maintained by "The Tcpdump Group" +See www.tcpdump.org Anonymous Git is available via: git clone git://bpf.tcpdump.org/tcpdump -Please submit patches by forking the branch on GitHub at: - -* http://github.com/the-tcpdump-group/tcpdump/tree/master - -and issuing a pull request. - -formerly from Lawrence Berkeley National Laboratory +formerly from Lawrence Berkeley National Laboratory Network Research Group <tcpdump@ee.lbl.gov> ftp://ftp.ee.lbl.gov/old/tcpdump.tar.Z (3.4) @@ -71,20 +67,6 @@ It is a program that can be used to extract portions of tcpdump binary trace files. See the above distribution for further details and documentation. -Problems, bugs, questions, desirable enhancements, etc. should be sent -to the address "tcpdump-workers@lists.tcpdump.org". Bugs, support -requests, and feature requests may also be submitted on the GitHub issue -tracker for tcpdump at: - -* https://github.com/the-tcpdump-group/tcpdump/issues - -Source code contributions, etc. should be sent to the email address -above or submitted by forking the branch on GitHub at: - -* http://github.com/the-tcpdump-group/tcpdump/tree/master - -and issuing a pull request. - Current versions can be found at www.tcpdump.org. - The TCPdump team diff --git a/README.version b/README.version index 1e3229be..3fd562e7 100644 --- a/README.version +++ b/README.version @@ -1,3 +1,3 @@ -URL: http://www.tcpdump.org/release/tcpdump-4.9.0.tar.gz -Version: 4.9.0 +URL: http://www.tcpdump.org/release/tcpdump-4.9.1.tar.gz +Version: 4.9.1 BugComponent: 119452 @@ -1 +1 @@ -4.9.0 +4.9.1 @@ -655,7 +655,7 @@ AC_DEFUN(AC_LBL_LIBPCAP, AC_CHECK_FUNC(pcap_loop,, [ AC_MSG_ERROR( -[Report this to tcpdump-workers@lists.tcpdump.org, and include the +[This is a bug, please follow the guidelines in CONTRIBUTING and include the config.log file in your report. If you have downloaded libpcap from tcpdump.org, and built it yourself, please also include the config.log file from the libpcap source directory, the Makefile from the libpcap @@ -5801,7 +5801,7 @@ if test "x$ac_cv_func_pcap_loop" = xyes; then : else - as_fn_error $? "Report this to tcpdump-workers@lists.tcpdump.org, and include the + as_fn_error $? "This is a bug, please follow the guidelines in CONTRIBUTING and include the config.log file in your report. If you have downloaded libpcap from tcpdump.org, and built it yourself, please also include the config.log file from the libpcap source directory, the Makefile from the libpcap diff --git a/print-m3ua.c b/print-m3ua.c index 1f974b2f..71a585ff 100644 --- a/print-m3ua.c +++ b/print-m3ua.c @@ -67,7 +67,7 @@ static const struct tok MessageClasses[] = { { M3UA_MSGC_SSNM, "SS7" }, { M3UA_MSGC_ASPSM, "ASP" }, { M3UA_MSGC_ASPTM, "ASP" }, - { M3UA_MSGC_RKM, "Routing Key Managment" }, + { M3UA_MSGC_RKM, "Routing Key Management"}, { 0, NULL } }; diff --git a/print-ppp.c b/print-ppp.c index ee8239c7..b30f224c 100644 --- a/print-ppp.c +++ b/print-ppp.c @@ -1264,7 +1264,7 @@ print_ccp_config_options(netdissect_options *ndo, ND_TCHECK2(*(p + 2), 1); ND_PRINT((ndo, ": Window: %uK, Method: %s (0x%x), MBZ: %u, CHK: %u", (p[2] & 0xf0) >> 4, - ((p[2] & 0x0f) == 8) ? "zlib" : "unkown", + ((p[2] & 0x0f) == 8) ? "zlib" : "unknown", p[2] & 0x0f, (p[3] & 0xfc) >> 2, p[3] & 0x03)); break; diff --git a/print-stp.c b/print-stp.c index 2f5c9175..ee0627ca 100644 --- a/print-stp.c +++ b/print-stp.c @@ -256,6 +256,7 @@ stp_print_mstp_bpdu(netdissect_options *ndo, const struct stp_bpdu_ *stp_bpdu, return 1; } + ND_TCHECK(stp_bpdu->flags); ND_PRINT((ndo, "\n\tport-role %s, ", tok2str(rstp_obj_port_role_values, "Unknown", RSTP_EXTRACT_PORT_ROLE(stp_bpdu->flags)))); @@ -475,6 +476,7 @@ stp_print(netdissect_options *ndo, const u_char *p, u_int length) if (stp_bpdu->protocol_version == STP_PROTO_SPB) { /* Validate v4 length */ + ND_TCHECK_16BITS(p + MST_BPDU_VER3_LEN_OFFSET + mstp_len); spb_len = EXTRACT_16BITS (p + MST_BPDU_VER3_LEN_OFFSET + mstp_len); spb_len += 2; if (length < (sizeof(struct stp_bpdu_) + mstp_len + spb_len) || diff --git a/tcpdump.1.in b/tcpdump.1.in index f04a5793..081e5d12 100644 --- a/tcpdump.1.in +++ b/tcpdump.1.in @@ -20,7 +20,7 @@ .\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF .\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. .\" -.TH TCPDUMP 1 "17 September 2015" +.TH TCPDUMP 1 "2 February 2017" .SH NAME tcpdump \- dump traffic on a network .SH SYNOPSIS @@ -985,6 +985,27 @@ gives a brief description and examples of most of the formats. .B .. .HD +Timestamps +.LP +By default, all output lines are preceded by a timestamp. +The timestamp +is the current clock time in the form +.RS +.nf +\fIhh:mm:ss.frac\fP +.fi +.RE +and is as accurate as the kernel's clock. +The timestamp reflects the time the kernel applied a time stamp to the packet. +No attempt is made to account for the time lag between when the network +interface finished receiving the packet from the network and when the +kernel applied a time stamp to the packet; that time lag could include a +delay between the time when the network interface finished receiving a +packet from the network and the time when an interrupt was delivered to +the kernel to get it to read the packet and a delay between the time +when the kernel serviced the `new packet' interrupt and the time when it +applied a time stamp to the packet. +.HD Link Level Headers .LP If the '-e' option is given, the link level header is printed out. @@ -1094,39 +1115,84 @@ For the first packet this says the Ethernet source address is RTSG, the destination is the Ethernet broadcast address, the type field contained hex 0806 (type ETHER_ARP) and the total length was 64 bytes. .HD +IPv4 Packets +.LP +If the link-layer header is not being printed, for IPv4 packets, +\fBIP\fP is printed after the time stamp. +.LP +If the +.B \-v +flag is specified, information from the IPv4 header is shown in +parentheses after the \fBIP\fP or the link-layer header. +The general format of this information is: +.RS +.nf +.sp .5 +tos \fItos\fP, ttl \fIttl\fP, id \fIid\fP, offset \fIoffset\fP, flags [\fIflags\fP], proto \fIproto\fP, length \fIlength\fP, options (\fIoptions\fP) +.sp .5 +.fi +.RE +\fItos\fP is the type of service field; if the ECN bits are non-zero, +those are reported as \fBECT(1)\fP, \fBECT(0)\fP, or \fBCE\fP. +\fIttl\fP is the time-to-live; it is not reported if it is zero. +\fIid\fP is the IP identification field. +\fIoffset\fP is the fragment offset field; it is printed whether this is +part of a fragmented datagram or not. +\fIflags\fP are the MF and DF flags; \fB+\fP is reported if MF is set, +and \fBDF\P is reported if F is set. If neither are set, \fB.\fP is +reported. +\fIproto\fP is the protocol ID field. +\fIlength\fP is the total length field. +\fIoptions\fP are the IP options, if any. +.LP +Next, for TCP and UDP packets, the source and destination IP addresses +and TCP or UDP ports, with a dot between each IP address and its +corresponding port, will be printed, with a > separating the source and +destination. For other protocols, the addresses will be printed, with +a > separating the source and destination. Higher level protocol +information, if any, will be printed after that. +.LP +For fragmented IP datagrams, the first fragment contains the higher +level protocol header; fragments after the first contain no higher level +protocol header. Fragmentation information will be printed only with +the +.B \-v +flag, in the IP header information, as described above. +.HD TCP Packets .LP \fI(N.B.:The following description assumes familiarity with the TCP protocol described in RFC-793. If you are not familiar -with the protocol, neither this description nor \fItcpdump\fP will +with the protocol, this description will not be of much use to you.)\fP .LP -The general format of a tcp protocol line is: +The general format of a TCP protocol line is: .RS .nf .sp .5 -\fIsrc > dst: flags data-seqno ack window urgent options\fP +\fIsrc\fP > \fIdst\fP: Flags [\fItcpflags\fP], seq \fIdata-seqno\fP, ack \fIackno\fP, win \fIwindow\fP, urg \fIurgent\fP, options [\fIopts\fP], length \fIlen\fP .sp .5 .fi .RE \fISrc\fP and \fIdst\fP are the source and destination IP addresses and ports. -\fIFlags\fP are some combination of S (SYN), +\fITcpflags\fP are some combination of S (SYN), F (FIN), P (PUSH), R (RST), U (URG), W (ECN CWR), E (ECN-Echo) or `.' (ACK), or `none' if no flags are set. \fIData-seqno\fP describes the portion of sequence space covered by the data in this packet (see example below). -\fIAck\fP is sequence number of the next data expected the other +\fIAckno\fP is sequence number of the next data expected the other direction on this connection. \fIWindow\fP is the number of bytes of receive buffer space available the other direction on this connection. \fIUrg\fP indicates there is `urgent' data in the packet. -\fIOptions\fP are tcp options enclosed in angle brackets (e.g., <mss 1024>). +\fIOpts\fP are TCP options (e.g., mss 1024). +\fILen\fP is the length of payload data. .LP -\fISrc, dst\fP and \fIflags\fP are always present. +\fIIptype\fR, \fISrc\fP, \fIdst\fP, and \fIflags\fP are always present. The other fields -depend on the contents of the packet's tcp protocol header and +depend on the contents of the packet's TCP protocol header and are output only if appropriate. .LP Here is the opening portion of an rlogin from host \fIrtsg\fP to @@ -1134,26 +1200,26 @@ host \fIcsam\fP. .RS .nf .sp .5 -\s-2\f(CWrtsg.1023 > csam.login: S 768512:768512(0) win 4096 <mss 1024> -csam.login > rtsg.1023: S 947648:947648(0) ack 768513 win 4096 <mss 1024> -rtsg.1023 > csam.login: . ack 1 win 4096 -rtsg.1023 > csam.login: P 1:2(1) ack 1 win 4096 -csam.login > rtsg.1023: . ack 2 win 4096 -rtsg.1023 > csam.login: P 2:21(19) ack 1 win 4096 -csam.login > rtsg.1023: P 1:2(1) ack 21 win 4077 -csam.login > rtsg.1023: P 2:3(1) ack 21 win 4077 urg 1 -csam.login > rtsg.1023: P 3:4(1) ack 21 win 4077 urg 1\fR\s+2 +\s-2\f(CWIP rtsg.1023 > csam.login: Flags [S], seq 768512:768512, win 4096, opts [mss 1024] +IP csam.login > rtsg.1023: Flags [S.], seq, 947648:947648, ack 768513, win 4096, opts [mss 1024] +IP rtsg.1023 > csam.login: Flags [.], ack 1, win 4096 +IP rtsg.1023 > csam.login: Flags [P.], seq 1:2, ack 1, win 4096, length 1 +IP csam.login > rtsg.1023: Flags [.], ack 2, win 4096 +IP rtsg.1023 > csam.login: Flags [P.], seq 2:21, ack 1, win 4096, length 19 +IP csam.login > rtsg.1023: Flags [P.], seq 1:2, ack 21, win 4077, length 1 +IP csam.login > rtsg.1023: Flags [P.], seq 2:3, ack 21, win 4077, urg 1, length 1 +IP csam.login > rtsg.1023: Flags [P.], seq 3:4, ack 21, win 4077, urg 1, length 1\fR\s+2 .sp .5 .fi .RE -The first line says that tcp port 1023 on rtsg sent a packet +The first line says that TCP port 1023 on rtsg sent a packet to port \fIlogin\fP on csam. The \fBS\fP indicates that the \fISYN\fP flag was set. The packet sequence number was 768512 and it contained no data. -(The notation is `first:last(nbytes)' which means `sequence +(The notation is `first:last' which means `sequence numbers \fIfirst\fP -up to but not including \fIlast\fP which is \fInbytes\fP bytes of user data'.) +up to but not including \fIlast\fP.) There was no piggy-backed ack, the available receive window was 4096 bytes and there was a max-segment-size option requesting an mss of 1024 bytes. @@ -1162,11 +1228,11 @@ Csam replies with a similar packet except it includes a piggy-backed ack for rtsg's SYN. Rtsg then acks csam's SYN. The `.' means the ACK flag was set. -The packet contained no data so there is no data sequence number. +The packet contained no data so there is no data sequence number or length. Note that the ack sequence number is a small integer (1). The first time \fItcpdump\fP sees a -tcp `conversation', it prints the sequence number from the packet. +TCP `conversation', it prints the sequence number from the packet. On subsequent packets of the conversation, the difference between the current packet's sequence number and this initial sequence number is printed. @@ -1811,81 +1877,6 @@ jssmag.209 initiates the next request. The `*' on the request indicates that XO (`exactly once') was \fInot\fP set. -.HD -IP Fragmentation -.LP -Fragmented Internet datagrams are printed as -.RS -.nf -.sp .5 -\fB(frag \fIid\fB:\fIsize\fB@\fIoffset\fB+)\fR -\fB(frag \fIid\fB:\fIsize\fB@\fIoffset\fB)\fR -.sp .5 -.fi -.RE -(The first form indicates there are more fragments. -The second -indicates this is the last fragment.) -.LP -\fIId\fP is the fragment id. -\fISize\fP is the fragment -size (in bytes) excluding the IP header. -\fIOffset\fP is this -fragment's offset (in bytes) in the original datagram. -.LP -The fragment information is output for each fragment. -The first -fragment contains the higher level protocol header and the frag -info is printed after the protocol info. -Fragments -after the first contain no higher level protocol header and the -frag info is printed after the source and destination addresses. -For example, here is part of an ftp from arizona.edu to lbl-rtsg.arpa -over a CSNET connection that doesn't appear to handle 576 byte datagrams: -.RS -.nf -.sp .5 -\s-2\f(CWarizona.ftp-data > rtsg.1170: . 1024:1332(308) ack 1 win 4096 (frag 595a:328@0+) -arizona > rtsg: (frag 595a:204@328) -rtsg.1170 > arizona.ftp-data: . ack 1536 win 2560\fP\s+2 -.sp .5 -.fi -.RE -There are a couple of things to note here: First, addresses in the -2nd line don't include port numbers. -This is because the TCP -protocol information is all in the first fragment and we have no idea -what the port or sequence numbers are when we print the later fragments. -Second, the tcp sequence information in the first line is printed as if there -were 308 bytes of user data when, in fact, there are 512 bytes (308 in -the first frag and 204 in the second). -If you are looking for holes -in the sequence space or trying to match up acks -with packets, this can fool you. -.LP -A packet with the IP \fIdon't fragment\fP flag is marked with a -trailing \fB(DF)\fP. -.HD -Timestamps -.LP -By default, all output lines are preceded by a timestamp. -The timestamp -is the current clock time in the form -.RS -.nf -\fIhh:mm:ss.frac\fP -.fi -.RE -and is as accurate as the kernel's clock. -The timestamp reflects the time the kernel applied a time stamp to the packet. -No attempt is made to account for the time lag between when the network -interface finished receiving the packet from the network and when the -kernel applied a time stamp to the packet; that time lag could include a -delay between the time when the network interface finished receiving a -packet from the network and the time when an interrupt was delivered to -the kernel to get it to read the packet and a delay between the time -when the kernel serviced the `new packet' interrupt and the time when it -applied a time stamp to the packet. .SH "SEE ALSO" stty(1), pcap(3PCAP), bpf(4), nit(4P), pcap-savefile(@MAN_FILE_FORMATS@), pcap-filter(@MAN_MISC_INFO@), pcap-tstamp(@MAN_MISC_INFO@) @@ -1919,12 +1910,12 @@ The original distribution is available via anonymous ftp: IPv6/IPsec support is added by WIDE/KAME project. This program uses Eric Young's SSLeay library, under specific configurations. .SH BUGS -Please send problems, bugs, questions, desirable enhancements, patches -etc. to: +To report a security issue please send an e-mail to \%security@tcpdump.org. .LP -.RS -tcpdump-workers@lists.tcpdump.org -.RE +To report bugs and other problems, contribute patches, request a +feature, provide generic feedback etc please see the file +.I CONTRIBUTING +in the tcpdump source tree root. .LP NIT doesn't let you watch your own outbound traffic, BPF will. We recommend that you use the latter. @@ -130,7 +130,7 @@ The Regents of the University of California. All rights reserved.\n"; #endif static int Bflag; /* buffer size */ -static int Cflag; /* rotate dump files after this many bytes */ +static long Cflag; /* rotate dump files after this many bytes */ static int Cflag_count; /* Keep track of which file number we're writing */ static int Dflag; /* list available devices and exit */ /* @@ -1046,9 +1046,9 @@ open_interface(const char *device, netdissect_options *ndo, char *ebuf) /* * Return an error for our caller to handle. */ - pcap_close(pc); snprintf(ebuf, PCAP_ERRBUF_SIZE, "%s: %s\n(%s)", device, pcap_statustostr(status), cp); + pcap_close(pc); return (NULL); } else if (status == PCAP_ERROR_PERM_DENIED && *cp != '\0') error("%s: %s\n(%s)", device, @@ -1855,7 +1855,12 @@ main(int argc, char **argv) if (RFileName == NULL && VFileName == NULL) { static const unsigned long cmds[] = { BIOCGSTATS, BIOCROTZBUF }; - cap_rights_init(&rights, CAP_IOCTL, CAP_READ); + /* + * The various libpcap devices use a combination of + * read (bpf), ioctl (bpf, netmap), poll (netmap) + * so we add the relevant access rights. + */ + cap_rights_init(&rights, CAP_IOCTL, CAP_READ, CAP_EVENT); if (cap_rights_limit(pcap_fileno(pd), &rights) < 0 && errno != ENOSYS) { error("unable to limit pcap descriptor"); @@ -2599,6 +2604,14 @@ print_version(void) smi_version_string = nd_smi_version_string(); if (smi_version_string != NULL) (void)fprintf (stderr, "SMI-library: %s\n", smi_version_string); + +#if defined(__SANITIZE_ADDRESS__) + (void)fprintf (stderr, "Compiled with AddressSanitizer/GCC.\n"); +#elif defined(__has_feature) +# if __has_feature(address_sanitizer) + (void)fprintf (stderr, "Compiled with AddressSanitizer/CLang.\n"); +# endif +#endif /* __SANITIZE_ADDRESS__ or __has_feature */ } USES_APPLE_RST diff --git a/tests/TESTLIST b/tests/TESTLIST index ba29da40..dd40ebfc 100644 --- a/tests/TESTLIST +++ b/tests/TESTLIST @@ -1,4 +1,5 @@ -# The Option -n is useless in TESTLIST. It is already set in TESTonce. +# The options -n and -t are useless in TESTLIST. They are already set +# in TESTonce. # Various flags applied to a TCP session. # @@ -11,435 +12,436 @@ # Therefore, for "X" and "XX", we have "print-capX.out" # and "print-capXX.out". # -print-x print-flags.pcap print-x.out -t -x -print-xx print-flags.pcap print-xx.out -t -xx -print-X print-flags.pcap print-capX.out -t -X -print-XX print-flags.pcap print-capXX.out -t -XX -print-A print-flags.pcap print-A.out -t -A -print-AA print-flags.pcap print-AA.out -t -AA +print-x print-flags.pcap print-x.out -x +print-xx print-flags.pcap print-xx.out -xx +print-X print-flags.pcap print-capX.out -X +print-XX print-flags.pcap print-capXX.out -XX +print-A print-flags.pcap print-A.out -A +print-AA print-flags.pcap print-AA.out -AA # BGP tests -bgp_vpn_attrset bgp_vpn_attrset.pcap bgp_vpn_attrset.out -t -v -mpbgp-linklocal-nexthop mpbgp-linklocal-nexthop.pcap mpbgp-linklocal-nexthop.out -t -v -bgp_infloop-v bgp-infinite-loop.pcap bgp_infloop-v.out -t -v -bgp-aigp bgp-aigp.pcap bgp-aigp.out -t -v -bgp-large-community bgp-large-community.pcap bgp-large-community.out -t -v +bgp_vpn_attrset bgp_vpn_attrset.pcap bgp_vpn_attrset.out -v +mpbgp-linklocal-nexthop mpbgp-linklocal-nexthop.pcap mpbgp-linklocal-nexthop.out -v +bgp_infloop-v bgp-infinite-loop.pcap bgp_infloop-v.out -v +bgp-aigp bgp-aigp.pcap bgp-aigp.out -v +bgp-large-community bgp-large-community.pcap bgp-large-community.out -v # EAP tests -eapon1 eapon1.pcap eapon1.out -t +eapon1 eapon1.pcap eapon1.out # ESP tests -esp0 02-sunrise-sunset-esp.pcap esp0.out -t +esp0 02-sunrise-sunset-esp.pcap esp0.out # more ESP tests in crypto.sh # ISAKMP tests -isakmp1 isakmp-delete-segfault.pcap isakmp1.out -t -isakmp2 isakmp-pointer-loop.pcap isakmp2.out -t -isakmp3 isakmp-identification-segfault.pcap isakmp3.out -t -v +isakmp1 isakmp-delete-segfault.pcap isakmp1.out +isakmp2 isakmp-pointer-loop.pcap isakmp2.out +isakmp3 isakmp-identification-segfault.pcap isakmp3.out -v # isakmp4 is in crypto.sh -isakmp5-v ISAKMP_sa_setup.pcap isakmp5-v.out -t -v +isakmp5-v ISAKMP_sa_setup.pcap isakmp5-v.out -v # Link Management Protocol tests -lmp lmp.pcap lmp.out -t -T lmp +lmp lmp.pcap lmp.out -T lmp # lmp-v is now conditionally handled by lmp-v.sh # MPLS tests -mpls-ldp-hello mpls-ldp-hello.pcap mpls-ldp-hello.out -t -v -ldp_infloop ldp-infinite-loop.pcap ldp_infloop.out -t -lspping-fec-ldp lspping-fec-ldp.pcap lspping-fec-ldp.out -t -lspping-fec-ldp-v lspping-fec-ldp.pcap lspping-fec-ldp-v.out -t -v -lspping-fec-ldp-vv lspping-fec-ldp.pcap lspping-fec-ldp-vv.out -t -vv -lspping-fec-rsvp lspping-fec-rsvp.pcap lspping-fec-rsvp.out -t -lspping-fec-rsvp-v lspping-fec-rsvp.pcap lspping-fec-rsvp-v.out -t -v -lspping-fec-rsvp-vv lspping-fec-rsvp.pcap lspping-fec-rsvp-vv.out -t -vv -mpls-traceroute mpls-traceroute.pcap mpls-traceroute.out -t -mpls-traceroute-v mpls-traceroute.pcap mpls-traceroute-v.out -t -v +mpls-ldp-hello mpls-ldp-hello.pcap mpls-ldp-hello.out -v +ldp_infloop ldp-infinite-loop.pcap ldp_infloop.out +lspping-fec-ldp lspping-fec-ldp.pcap lspping-fec-ldp.out +lspping-fec-ldp-v lspping-fec-ldp.pcap lspping-fec-ldp-v.out -v +lspping-fec-ldp-vv lspping-fec-ldp.pcap lspping-fec-ldp-vv.out -vv +lspping-fec-rsvp lspping-fec-rsvp.pcap lspping-fec-rsvp.out +lspping-fec-rsvp-v lspping-fec-rsvp.pcap lspping-fec-rsvp-v.out -v +lspping-fec-rsvp-vv lspping-fec-rsvp.pcap lspping-fec-rsvp-vv.out -vv +mpls-traceroute mpls-traceroute.pcap mpls-traceroute.out +mpls-traceroute-v mpls-traceroute.pcap mpls-traceroute-v.out -v # OSPF tests -ospf-gmpls ospf-gmpls.pcap ospf-gmpls.out -t -v -ospf3_ah-vv OSPFv3_with_AH.pcap ospf3_ah-vv.out -t -v -v -ospf3_auth-vv ospf3_auth.pcap ospf3_auth-vv.out -t -v -v -ospf3_bc-vv OSPFv3_broadcast_adjacency.pcap ospf3_bc-vv.out -t -v -v -ospf3_mp-vv OSPFv3_multipoint_adjacencies.pcap ospf3_mp-vv.out -t -v -v -ospf3_nbma-vv OSPFv3_NBMA_adjacencies.pcap ospf3_nbma-vv.out -t -v -v +ospf-gmpls ospf-gmpls.pcap ospf-gmpls.out -v +ospf3_ah-vv OSPFv3_with_AH.pcap ospf3_ah-vv.out -v -v +ospf3_auth-vv ospf3_auth.pcap ospf3_auth-vv.out -v -v +ospf3_bc-vv OSPFv3_broadcast_adjacency.pcap ospf3_bc-vv.out -v -v +ospf3_mp-vv OSPFv3_multipoint_adjacencies.pcap ospf3_mp-vv.out -v -v +ospf3_nbma-vv OSPFv3_NBMA_adjacencies.pcap ospf3_nbma-vv.out -v -v # fuzzed pcap -ospf2-seg-fault-1-v ospf2-seg-fault-1.pcap ospf2-seg-fault-1-v.out -t -v +ospf2-seg-fault-1-v ospf2-seg-fault-1.pcap ospf2-seg-fault-1-v.out -v # IKEv2 tests -ikev2four ikev2four.pcap ikev2four.out -t -v -ikev2fourv ikev2four.pcap ikev2fourv.out -t -v -v -v -ikev2fourv4 ikev2four.pcap ikev2fourv4.out -t -v -v -v -v +ikev2four ikev2four.pcap ikev2four.out -v +ikev2fourv ikev2four.pcap ikev2fourv.out -v -v -v +ikev2fourv4 ikev2four.pcap ikev2fourv4.out -v -v -v -v # ikev2pI2 test in crypto.sh -ikev2pI2-segfault ikev2pI2-segfault.pcap ikev2pI2-segfault.out -t -ikev2pI2-segfault-v ikev2pI2-segfault.pcap ikev2pI2-segfault-v.out -t -v +ikev2pI2-segfault ikev2pI2-segfault.pcap ikev2pI2-segfault.out +ikev2pI2-segfault-v ikev2pI2-segfault.pcap ikev2pI2-segfault-v.out -v # IETF ROLL RPL packets -dio02 rpl-19-pickdag.pcap rpl-19-pickdag.out -t -v -v -dio03 rpl-19-pickdag.pcap rpl-19-pickdagvvv.out -t -v -v -v -dao01 rpl-14-dao.pcap rpl-14-daovvv.out -t -v -v -v -daoack01 rpl-26-senddaoack.pcap rpl-26-senddaovv.out -t -v -v -v +dio02 rpl-19-pickdag.pcap rpl-19-pickdag.out -v -v +dio03 rpl-19-pickdag.pcap rpl-19-pickdagvvv.out -v -v -v +dao01 rpl-14-dao.pcap rpl-14-daovvv.out -v -v -v +daoack01 rpl-26-senddaoack.pcap rpl-26-senddaovv.out -v -v -v # IPNET encapsulated site -e1000g e1000g.pcap e1000g.out -t +e1000g e1000g.pcap e1000g.out # IETF FORCES WG packets and printer -forces01 forces1.pcap forces1.out -t -forces01vvv forces1.pcap forces1vvv.out -t -v -v -v -forces01vvvv forces1.pcap forces1vvvv.out -t -v -v -v -v +forces01 forces1.pcap forces1.out +forces01vvv forces1.pcap forces1vvv.out -v -v -v +forces01vvvv forces1.pcap forces1vvvv.out -v -v -v -v # need new pcap file, not sure what the differences were? -#forces02 forces2.pcap forces2.out -t -#forces02v forces2.pcap forces2v.out -t -v -#forces02vv forces2.pcap forces2vv.out -t -v -v +#forces02 forces2.pcap forces2.out +#forces02v forces2.pcap forces2v.out -v +#forces02vv forces2.pcap forces2vv.out -v -v # 802.1ad, QinQ tests -qinq QinQpacket.pcap QinQpacket.out -t -e -qinqv QinQpacket.pcap QinQpacketv.out -t -e -v +qinq QinQpacket.pcap QinQpacket.out -e +qinqv QinQpacket.pcap QinQpacketv.out -e -v # now SFLOW tests -sflow1 sflow_multiple_counter_30_pdus.pcap sflow_multiple_counter_30_pdus.out -t -v -sflow2 sflow_multiple_counter_30_pdus.pcap sflow_multiple_counter_30_pdus-nv.out -t +sflow1 sflow_multiple_counter_30_pdus.pcap sflow_multiple_counter_30_pdus.out -v +sflow2 sflow_multiple_counter_30_pdus.pcap sflow_multiple_counter_30_pdus-nv.out # AHCP and Babel tests -ahcp-vv ahcp.pcap ahcp-vv.out -t -vv -babel1 babel.pcap babel1.out -t -babel1v babel.pcap babel1v.out -t -v -babel_auth babel_auth.pcap babel_auth.out -t -v -babel_pad1 babel_pad1.pcap babel_pad1.out -t -babel_rtt babel_rtt.pcap babel_rtt.out -t -v +ahcp-vv ahcp.pcap ahcp-vv.out -vv +babel1 babel.pcap babel1.out +babel1v babel.pcap babel1v.out -v +babel_auth babel_auth.pcap babel_auth.out -v +babel_pad1 babel_pad1.pcap babel_pad1.out +babel_rtt babel_rtt.pcap babel_rtt.out -v # PPPoE tests -pppoe pppoe.pcap pppoe.out -t -pppoes pppoes.pcap pppoes.out -t -pppoes_id pppoes.pcap pppoes_id.out -t pppoes 0x3b +pppoe pppoe.pcap pppoe.out +pppoes pppoes.pcap pppoes.out +pppoes_id pppoes.pcap pppoes_id.out pppoes 0x3b # PPP tests -truncated_aack truncated-aack.pcap trunc_aack.out -t +truncated_aack truncated-aack.pcap trunc_aack.out # IGMP tests -igmpv1 IGMP_V1.pcap igmpv1.out -t -igmpv2 IGMP_V2.pcap igmpv2.out -t -igmpv3-queries igmpv3-queries.pcap igmpv3-queries.out -t -mtrace mtrace.pcap mtrace.out -t -dvmrp mrinfo_query.pcap dvmrp.out -t +igmpv1 IGMP_V1.pcap igmpv1.out +igmpv2 IGMP_V2.pcap igmpv2.out +igmpv3-queries igmpv3-queries.pcap igmpv3-queries.out +mtrace mtrace.pcap mtrace.out +dvmrp mrinfo_query.pcap dvmrp.out # ICMPv6 -icmpv6 icmpv6.pcap icmpv6.out -t -vv -icmpv6_opt24-v icmpv6_opt24.pcap icmpv6_opt24-v.out -t -v +icmpv6 icmpv6.pcap icmpv6.out -vv +icmpv6_opt24-v icmpv6_opt24.pcap icmpv6_opt24-v.out -v # SPB tests -spb spb.pcap spb.out -t +spb spb.pcap spb.out # SPB BPDUv4 tests -spb_bpduv4 spb_bpduv4.pcap spb_bpduv4.out -t -spb_bpduv4-v spb_bpduv4.pcap spb_bpduv4-v.out -t -v +spb_bpduv4 spb_bpduv4.pcap spb_bpduv4.out +spb_bpduv4-v spb_bpduv4.pcap spb_bpduv4-v.out -v # DCB Tests -dcb_ets dcb_ets.pcap dcb_ets.out -t -vv -dcb_pfc dcb_pfc.pcap dcb_pfc.out -t -vv -dcb_qcn dcb_qcn.pcap dcb_qcn.out -t -vv +dcb_ets dcb_ets.pcap dcb_ets.out -vv +dcb_pfc dcb_pfc.pcap dcb_pfc.out -vv +dcb_qcn dcb_qcn.pcap dcb_qcn.out -vv # EVB tests -evb evb.pcap evb.out -t -vv +evb evb.pcap evb.out -vv # STP tests -mstp-v MSTP_Intra-Region_BPDUs.pcap mstp-v.out -t -v -stp-v 802.1D_spanning_tree.pcap stp-v.out -t -v -rstp-v 802.1w_rapid_STP.pcap rstp-v.out -t -v -rpvst-v rpvstp-trunk-native-vid5.pcap rpvst-v.out -t -v +mstp-v MSTP_Intra-Region_BPDUs.pcap mstp-v.out -v +stp-v 802.1D_spanning_tree.pcap stp-v.out -v +rstp-v 802.1w_rapid_STP.pcap rstp-v.out -v +rpvst-v rpvstp-trunk-native-vid5.pcap rpvst-v.out -v # RIP tests -ripv1v2 ripv1v2.pcap ripv1v2.out -t -v -ripv2_auth ripv2_auth.pcap ripv2_auth.out -t -v +ripv1v2 ripv1v2.pcap ripv1v2.out -v +ripv2_auth ripv2_auth.pcap ripv2_auth.out -v # DHCPv6 tests -dhcpv6-aftr-name dhcpv6-AFTR-Name-RFC6334.pcap dhcpv6-AFTR-Name-RFC6334.out -t -v -dhcpv6-ia-na dhcpv6-ia-na.pcap dhcpv6-ia-na.out -t -v -dhcpv6-ia-pd dhcpv6-ia-pd.pcap dhcpv6-ia-pd.out -t -v -dhcpv6-ia-ta dhcpv6-ia-ta.pcap dhcpv6-ia-ta.out -t -v -dhcpv6-ntp-server dhcpv6-ntp-server.pcap dhcpv6-ntp-server.out -t -v -dhcpv6-sip-server-d dhcpv6-sip-server-d.pcap dhcpv6-sip-server-d.out -t -v -dhcpv6-domain-list dhcpv6-domain-list.pcap dhcpv6-domain-list.out -t -v -dhcpv6-mud dhcpv6-mud.pcap dhcpv6-mud.out -t -vv +dhcpv6-aftr-name dhcpv6-AFTR-Name-RFC6334.pcap dhcpv6-AFTR-Name-RFC6334.out -v +dhcpv6-ia-na dhcpv6-ia-na.pcap dhcpv6-ia-na.out -v +dhcpv6-ia-pd dhcpv6-ia-pd.pcap dhcpv6-ia-pd.out -v +dhcpv6-ia-ta dhcpv6-ia-ta.pcap dhcpv6-ia-ta.out -v +dhcpv6-ntp-server dhcpv6-ntp-server.pcap dhcpv6-ntp-server.out -v +dhcpv6-sip-server-d dhcpv6-sip-server-d.pcap dhcpv6-sip-server-d.out -v +dhcpv6-domain-list dhcpv6-domain-list.pcap dhcpv6-domain-list.out -v +dhcpv6-mud dhcpv6-mud.pcap dhcpv6-mud.out -vv # ZeroMQ/PGM tests # ZMTP/1.0 over TCP -zmtp1v zmtp1.pcap zmtp1.out -t -v -T zmtp1 +zmtp1v zmtp1.pcap zmtp1.out -v -T zmtp1 # native PGM -pgmv pgm_zmtp1.pcap pgmv.out -t -v +pgmv pgm_zmtp1.pcap pgmv.out -v # UDP-encapsulated PGM -epgmv epgm_zmtp1.pcap epgmv.out -t -v -T pgm +epgmv epgm_zmtp1.pcap epgmv.out -v -T pgm # ZMTP/1.0 inside native PGM -pgm_zmtp1v pgm_zmtp1.pcap pgm_zmtp1v.out -t -v -T pgm_zmtp1 +pgm_zmtp1v pgm_zmtp1.pcap pgm_zmtp1v.out -v -T pgm_zmtp1 # ZMTP/1.0 inside UDP-encapsulated PGM -epgm_zmtp1v epgm_zmtp1.pcap epgm_zmtp1v.out -t -v -T pgm_zmtp1 +epgm_zmtp1v epgm_zmtp1.pcap epgm_zmtp1v.out -v -T pgm_zmtp1 # fuzzed pcap -zmtp1-inf-loop-1 zmtp1-inf-loop-1.pcap zmtp1-inf-loop-1.out -t -T zmtp1 +zmtp1-inf-loop-1 zmtp1-inf-loop-1.pcap zmtp1-inf-loop-1.out -T zmtp1 # MS NLB tests -msnlb msnlb.pcap msnlb.out -t -msnlb2 msnlb2.pcap msnlb2.out -t +msnlb msnlb.pcap msnlb.out +msnlb2 msnlb2.pcap msnlb2.out # MPTCP tests -mptcp mptcp.pcap mptcp.out -t -mptcp-fclose mptcp-fclose.pcap mptcp-fclose.out -t +mptcp mptcp.pcap mptcp.out +mptcp-fclose mptcp-fclose.pcap mptcp-fclose.out # TFO tests -tfo tfo-5c1fa7f9ae91.pcap tfo.out -t +tfo tfo-5c1fa7f9ae91.pcap tfo.out # SCPS -scps_invalid scps_invalid.pcap scps_invalid.out -t +scps_invalid scps_invalid.pcap scps_invalid.out # IEEE 802.11 tests -802.11_exthdr ieee802.11_exthdr.pcap ieee802.11_exthdr.out -t -v -802.11_rx-stbc ieee802.11_rx-stbc.pcap ieee802.11_rx-stbc.out -t +802.11_exthdr ieee802.11_exthdr.pcap ieee802.11_exthdr.out -v +802.11_rx-stbc ieee802.11_rx-stbc.pcap ieee802.11_rx-stbc.out # OpenFlow tests -of10_p3295-vv of10_p3295.pcap of10_p3295-vv.out -t -vv -of10_s4810-vvvv of10_s4810.pcap of10_s4810-vvvv.out -t -vvvv -of10_pf5240-vv of10_pf5240.pcap of10_pf5240-vv.out -t -vv -of10_7050q-v of10_7050q.pcap of10_7050q-v.out -t -v -of10_7050sx_bsn-vv of10_7050sx_bsn.pcap of10_7050sx_bsn-vv.out -t -vv +of10_p3295-vv of10_p3295.pcap of10_p3295-vv.out -vv +of10_s4810-vvvv of10_s4810.pcap of10_s4810-vvvv.out -vvvv +of10_pf5240-vv of10_pf5240.pcap of10_pf5240-vv.out -vv +of10_7050q-v of10_7050q.pcap of10_7050q-v.out -v +of10_7050sx_bsn-vv of10_7050sx_bsn.pcap of10_7050sx_bsn-vv.out -vv # GeoNetworking and CALM FAST tests -geonet-calm-fast geonet_and_calm_fast.pcap geonet_and_calm_fast.out -t -vv +geonet-calm-fast geonet_and_calm_fast.pcap geonet_and_calm_fast.out -vv # M3UA tests -m3ua isup.pcap isup.out -t -m3ua-vv isup.pcap isupvv.out -t -vv +m3ua isup.pcap isup.out +m3ua-vv isup.pcap isupvv.out -vv # NFLOG test case moved to nflog-e.sh # syslog test case -syslog-v syslog_udp.pcap syslog-v.out -t -v +syslog-v syslog_udp.pcap syslog-v.out -v # DNSSEC from https://bugzilla.redhat.com/show_bug.cgi?id=205842, -vv exposes EDNS DO -dnssec-vv dnssec.pcap dnssec-vv.out -t -vv +dnssec-vv dnssec.pcap dnssec-vv.out -vv #IPv6 tests -ipv6-bad-version ipv6-bad-version.pcap ipv6-bad-version.out -t -ipv6-routing-header ipv6-routing-header.pcap ipv6-routing-header.out -t -v +ipv6-bad-version ipv6-bad-version.pcap ipv6-bad-version.out +ipv6-routing-header ipv6-routing-header.pcap ipv6-routing-header.out -v # Loopback/CTP test case -loopback loopback.pcap loopback.out -t +loopback loopback.pcap loopback.out # DCCP partial checksums tests -dccp_partial_csum_v4_simple dccp_partial_csum_v4_simple.pcap dccp_partial_csum_v4_simple.out -t -vv -dccp_partial_csum_v4_longer dccp_partial_csum_v4_longer.pcap dccp_partial_csum_v4_longer.out -t -vv -dccp_partial_csum_v6_simple dccp_partial_csum_v6_simple.pcap dccp_partial_csum_v6_simple.out -t -vv -dccp_partial_csum_v6_longer dccp_partial_csum_v6_longer.pcap dccp_partial_csum_v6_longer.out -t -vv +dccp_partial_csum_v4_simple dccp_partial_csum_v4_simple.pcap dccp_partial_csum_v4_simple.out -vv +dccp_partial_csum_v4_longer dccp_partial_csum_v4_longer.pcap dccp_partial_csum_v4_longer.out -vv +dccp_partial_csum_v6_simple dccp_partial_csum_v6_simple.pcap dccp_partial_csum_v6_simple.out -vv +dccp_partial_csum_v6_longer dccp_partial_csum_v6_longer.pcap dccp_partial_csum_v6_longer.out -vv # VRRP tests -vrrp vrrp.pcap vrrp.out -t -vrrp-v vrrp.pcap vrrp-v.out -t -v +vrrp vrrp.pcap vrrp.out +vrrp-v vrrp.pcap vrrp-v.out -v # HSRP tests -hsrp_1 HSRP_coup.pcap hsrp_1.out -t -hsrp_1-v HSRP_coup.pcap hsrp_1-v.out -t -v -hsrp_2-v HSRP_election.pcap hsrp_2-v.out -t -v -hsrp_3-v HSRP_failover.pcap hsrp_3-v.out -t -v +hsrp_1 HSRP_coup.pcap hsrp_1.out +hsrp_1-v HSRP_coup.pcap hsrp_1-v.out -v +hsrp_2-v HSRP_election.pcap hsrp_2-v.out -v +hsrp_3-v HSRP_failover.pcap hsrp_3-v.out -v # PIMv2 tests -pimv2_dm-v PIM-DM_pruning.pcap pimv2_dm-v.out -t -v -pimv2_register-v PIM_register_register-stop.pcap pimv2_register-v.out -t -v -pimv2_sm-v PIM-SM_join_prune.pcap pimv2_sm-v.out -t -v -pimv2_bootstrap-v PIMv2_bootstrap.pcap pimv2_bootstrap-v.out -t -v -pimv2_hellos-v PIMv2_hellos.pcap pimv2_hellos-v.out -t -v +pimv2_dm-v PIM-DM_pruning.pcap pimv2_dm-v.out -v +pimv2_register-v PIM_register_register-stop.pcap pimv2_register-v.out -v +pimv2_sm-v PIM-SM_join_prune.pcap pimv2_sm-v.out -v +pimv2_bootstrap-v PIMv2_bootstrap.pcap pimv2_bootstrap-v.out -v +pimv2_hellos-v PIMv2_hellos.pcap pimv2_hellos-v.out -v # IS-IS tests -isis_infloop-v isis-infinite-loop.pcap isis_infloop-v.out -t -v -isis_poi-v isis_poi.pcap isis_poi.out -t -v -isis_poi2-v isis_poi2.pcap isis_poi2.out -t -v -isis_1 ISIS_external_lsp.pcap isis_1.out -t -isis_1-v ISIS_external_lsp.pcap isis_1-v.out -t -v -isis_2-v ISIS_level1_adjacency.pcap isis_2-v.out -t -v -isis_3-v ISIS_level2_adjacency.pcap isis_3-v.out -t -v -isis_4-v ISIS_p2p_adjacency.pcap isis_4-v.out -t -v +isis_infloop-v isis-infinite-loop.pcap isis_infloop-v.out -v +isis_poi-v isis_poi.pcap isis_poi.out -v +isis_poi2-v isis_poi2.pcap isis_poi2.out -v +isis_1 ISIS_external_lsp.pcap isis_1.out +isis_1-v ISIS_external_lsp.pcap isis_1-v.out -v +isis_2-v ISIS_level1_adjacency.pcap isis_2-v.out -v +isis_3-v ISIS_level2_adjacency.pcap isis_3-v.out -v +isis_4-v ISIS_p2p_adjacency.pcap isis_4-v.out -v # fuzzed pcap # isis-seg-fault-1-v is now conditionally handled by isis-seg-fault-1-v.sh -isis-seg-fault-2-v isis-seg-fault-2.pcap isis-seg-fault-2-v.out -t -v -isis-seg-fault-3-v isis-seg-fault-3.pcap isis-seg-fault-3-v.out -t -v +isis-seg-fault-2-v isis-seg-fault-2.pcap isis-seg-fault-2-v.out -v +isis-seg-fault-3-v isis-seg-fault-3.pcap isis-seg-fault-3-v.out -v # RSVP tests -rsvp_infloop-v rsvp-infinite-loop.pcap rsvp_infloop-v.out -t -v +rsvp_infloop-v rsvp-infinite-loop.pcap rsvp_infloop-v.out -v # fuzzed pcap -rsvp-inf-loop-2-v rsvp-inf-loop-2.pcap rsvp-inf-loop-2-v.out -t -v +rsvp-inf-loop-2-v rsvp-inf-loop-2.pcap rsvp-inf-loop-2-v.out -v # HDLC tests -hdlc1 chdlc-slarp.pcap hdlc1.out -t -hdlc2 chdlc-slarp-short.pcap hdlc2.out -t -hdlc3 HDLC.pcap hdlc3.out -t -hdlc4 hdlc_slarp.pcap hdlc4.out -t +hdlc1 chdlc-slarp.pcap hdlc1.out +hdlc2 chdlc-slarp-short.pcap hdlc2.out +hdlc3 HDLC.pcap hdlc3.out +hdlc4 hdlc_slarp.pcap hdlc4.out # DECnet test case -decnet DECnet_Phone.pcap decnet.out -t +decnet DECnet_Phone.pcap decnet.out # RADIUS tests -radius-v RADIUS.pcap radius-v.out -t -v -radius-rfc4675 RADIUS-RFC4675.pcap radius-rfc4675-v.out -t -v -radius-rfc5176 RADIUS-RFC5176.pcap radius-rfc5176-v.out -t -v -radius-port1700 RADIUS-port1700.pcap radius-port1700-v.out -t -v +radius-v RADIUS.pcap radius-v.out -v +radius-rfc4675 RADIUS-RFC4675.pcap radius-rfc4675-v.out -v +radius-rfc5176 RADIUS-RFC5176.pcap radius-rfc5176-v.out -v +radius-port1700 RADIUS-port1700.pcap radius-port1700-v.out -v # link-level protocols -dtp-v DTP.pcap dtp-v.out -t -v -lacp-ev LACP.pcap lacp-ev.out -t -e -v -lldp_cdp-ev LLDP_and_CDP.pcap lldp_cdp-ev.out -t -e -v -cdp-v 3560_CDP.pcap cdp-v.out -t -v -udld-v UDLD.pcap udld-v.out -t -v -lldp_mud-v lldp_mudurl.pcap lldp_mudurl-v.out -t -e -v -lldp_mud-vv lldp_mudurl.pcap lldp_mudurl-vv.out -t -e -vv +dtp-v DTP.pcap dtp-v.out -v +lacp-ev LACP.pcap lacp-ev.out -e -v +lldp_cdp-ev LLDP_and_CDP.pcap lldp_cdp-ev.out -e -v +cdp-v 3560_CDP.pcap cdp-v.out -v +udld-v UDLD.pcap udld-v.out -v +lldp_mud-v lldp_mudurl.pcap lldp_mudurl-v.out -e -v +lldp_mud-vv lldp_mudurl.pcap lldp_mudurl-vv.out -e -vv # fuzzed pcap -udld-inf-loop-1-v udld-inf-loop-1.pcap udld-inf-loop-1-v.out -t -v +udld-inf-loop-1-v udld-inf-loop-1.pcap udld-inf-loop-1-v.out -v # EIGRP tests -eigrp1-v EIGRP_adjacency.pcap eigrp1-v.out -t -v -eigrp2-v EIGRP_goodbye.pcap eigrp2-v.out -t -v -eigrp3-v EIGRP_subnet_down.pcap eigrp3-v.out -t -v -eigrp4-v EIGRP_subnet_up.pcap eigrp4-v.out -t -v +eigrp1-v EIGRP_adjacency.pcap eigrp1-v.out -v +eigrp2-v EIGRP_goodbye.pcap eigrp2-v.out -v +eigrp3-v EIGRP_subnet_down.pcap eigrp3-v.out -v +eigrp4-v EIGRP_subnet_up.pcap eigrp4-v.out -v # ATA-over-Ethernet tests -aoe_1 AoE_Linux.pcap aoe_1.out -t -aoe_1-v AoE_Linux.pcap aoe_1-v.out -t -v +aoe_1 AoE_Linux.pcap aoe_1.out +aoe_1-v AoE_Linux.pcap aoe_1-v.out -v # Geneve tests -geneve-v geneve.pcap geneve-vv.out -t -vv -geneve-vni geneve.pcap geneve-vni.out -t geneve 0xb -geneve-tcp geneve.pcap geneve-tcp.out -t "geneve && tcp" +geneve-v geneve.pcap geneve-vv.out -vv +geneve-vni geneve.pcap geneve-vni.out geneve 0xb +geneve-tcp geneve.pcap geneve-tcp.out "geneve && tcp" # DHCP tests -dhcp-rfc3004 dhcp-rfc3004.pcap dhcp-rfc3004-v.out -t -v -dhcp-rfc5859 dhcp-rfc5859.pcap dhcp-rfc5859-v.out -t -v -dhcp-mud dhcp-mud.pcap dhcp-mud.out -t -vv +dhcp-rfc3004 dhcp-rfc3004.pcap dhcp-rfc3004-v.out -v +dhcp-rfc5859 dhcp-rfc5859.pcap dhcp-rfc5859-v.out -v +dhcp-mud dhcp-mud.pcap dhcp-mud.out -vv # MEDSA tests -medsa medsa.pcap medsa.out -t -medsa-e medsa.pcap medsa-e.out -t -e +medsa medsa.pcap medsa.out +medsa-e medsa.pcap medsa-e.out -e # VXLAN tests -vxlan vxlan.pcap vxlan.out -# -t -e +vxlan vxlan.pcap vxlan.out -# -e # CVEs 2014 malformed packets from Steffen Bauch -cve-2014-8767-OLSR cve-2014-8767-OLSR.pcap cve-2014-8767-OLSR.out -t -v -cve-2014-8768-Geonet cve-2014-8768-Geonet.pcap cve-2014-8768-Geonet.out -t -v -cve-2014-8769-AODV cve-2014-8769-AODV.pcap cve-2014-8769-AODV.out -t -v +cve-2014-8767-OLSR cve-2014-8767-OLSR.pcap cve-2014-8767-OLSR.out -v +cve-2014-8768-Geonet cve-2014-8768-Geonet.pcap cve-2014-8768-Geonet.out -v +cve-2014-8769-AODV cve-2014-8769-AODV.pcap cve-2014-8769-AODV.out -v # bad packets from Kevin Day # cve-2015-2155 -- fuzz testing on FORCES printer -kday1 kday1.pcap kday1.out -t -v +kday1 kday1.pcap kday1.out -v # cve-2015-2153 -- fuzz testing on TCP printer -kday2 kday2.pcap kday2.out -t -v +kday2 kday2.pcap kday2.out -v # cve-2015-2153 -- fuzz testing on TCP printer -kday3 kday3.pcap kday3.out -t -v +kday3 kday3.pcap kday3.out -v # cve-2015-2153 -- fuzz testing on TCP printer -kday4 kday4.pcap kday4.out -t -v +kday4 kday4.pcap kday4.out -v # cve-2015-2153 -- fuzz testing on TCP printer -kday5 kday5.pcap kday5.out -t -v +kday5 kday5.pcap kday5.out -v # cve-2015-2154 -- ethernet printer -kday6 kday6.pcap kday6.out -t -v +kday6 kday6.pcap kday6.out -v # cve-2015-2153 -- fuzz testing on TCP printer -kday7 kday7.pcap kday7.out -t -v +kday7 kday7.pcap kday7.out -v # cve-2015-2153 -- fuzz testing on TCP printer -kday8 kday8.pcap kday8.out -t -v +kday8 kday8.pcap kday8.out -v # bad packets from reversex86. -cve2015-0261_01 cve2015-0261-ipv6.pcap cve2015-0261-ipv6.out -t -v -cve2015-0261_02 cve2015-0261-crash.pcap cve2015-0261-crash.out -t -v +cve2015-0261_01 cve2015-0261-ipv6.pcap cve2015-0261-ipv6.out -v +cve2015-0261_02 cve2015-0261-crash.pcap cve2015-0261-crash.out -v # OLSRv1 tests -olsrv1_1 OLSRv1_HNA_sgw_1.pcap OLSRv1_HNA_sgw_1.out -t -v +olsrv1_1 OLSRv1_HNA_sgw_1.pcap OLSRv1_HNA_sgw_1.out -v # tests with unaligned data, to make sure they work on SPARC -unaligned-nfs-1 unaligned-nfs-1.pcap unaligned-nfs-1.out -t -v +unaligned-nfs-1 unaligned-nfs-1.pcap unaligned-nfs-1.out -v # LISP tests -lisp_eid_notify lisp_eid_notify.pcap lisp_eid_notify.out -t -v -lisp_eid_register lisp_eid_register.pcap lisp_eid_register.out -t -v -lisp_ipv6_eid lisp_ipv6.pcap lisp_ipv6.out -t -v +lisp_eid_notify lisp_eid_notify.pcap lisp_eid_notify.out -v +lisp_eid_register lisp_eid_register.pcap lisp_eid_register.out -v +lisp_ipv6_eid lisp_ipv6.pcap lisp_ipv6.out -v # pcap invalid versions (first: version = 1.4 ; second: version = 2.5) -pcap-invalid-version-1 pcap-invalid-version-1.pcap pcap-invalid-version-1.out -t -pcap-invalid-version-2 pcap-invalid-version-2.pcap pcap-invalid-version-2.out -t +pcap-invalid-version-1 pcap-invalid-version-1.pcap pcap-invalid-version-1.out +pcap-invalid-version-2 pcap-invalid-version-2.pcap pcap-invalid-version-2.out # pcap-ng invalid version (first: version = 0.1 ; second: version = 1.1) -pcap-ng-invalid-vers-1 pcap-ng-invalid-vers-1.pcap pcap-ng-invalid-vers-1.out -t -pcap-ng-invalid-vers-2 pcap-ng-invalid-vers-2.pcap pcap-ng-invalid-vers-2.out -t +pcap-ng-invalid-vers-1 pcap-ng-invalid-vers-1.pcap pcap-ng-invalid-vers-1.out +pcap-ng-invalid-vers-2 pcap-ng-invalid-vers-2.pcap pcap-ng-invalid-vers-2.out # NSH over VxLAN-GPE -nsh-over-vxlan-gpe nsh-over-vxlan-gpe.pcap nsh-over-vxlan-gpe.out -t -nsh-over-vxlan-gpe-v nsh-over-vxlan-gpe.pcap nsh-over-vxlan-gpe-v.out -t -v -nsh-over-vxlan-gpe-vv nsh-over-vxlan-gpe.pcap nsh-over-vxlan-gpe-vv.out -t -vv -nsh-over-vxlan-gpe-vvv nsh-over-vxlan-gpe.pcap nsh-over-vxlan-gpe-vvv.out -t -vvv +nsh-over-vxlan-gpe nsh-over-vxlan-gpe.pcap nsh-over-vxlan-gpe.out +nsh-over-vxlan-gpe-v nsh-over-vxlan-gpe.pcap nsh-over-vxlan-gpe-v.out -v +nsh-over-vxlan-gpe-vv nsh-over-vxlan-gpe.pcap nsh-over-vxlan-gpe-vv.out -vv +nsh-over-vxlan-gpe-vvv nsh-over-vxlan-gpe.pcap nsh-over-vxlan-gpe-vvv.out -vvv # RESP tests -resp_1 resp_1_benchmark.pcap resp_1.out -t -resp_2 resp_2_inline.pcap resp_2.out -t -resp_3 resp_3_malicious.pcap resp_3.out -t +resp_1 resp_1_benchmark.pcap resp_1.out +resp_2 resp_2_inline.pcap resp_2.out +resp_3 resp_3_malicious.pcap resp_3.out # HNCP tests -hncp hncp.pcap hncp.out -vvv -t +hncp hncp.pcap hncp.out -vvv # BFD tests with authentication fields -bfd-raw-auth-simple bfd-raw-auth-simple.pcap bfd-raw-auth-simple.out -t -bfd-raw-auth-simple-v bfd-raw-auth-simple.pcap bfd-raw-auth-simple-v.out -t -v -bfd-raw-auth-md5 bfd-raw-auth-md5.pcap bfd-raw-auth-md5.out -t -bfd-raw-auth-md5-v bfd-raw-auth-md5.pcap bfd-raw-auth-md5-v.out -t -v -bfd-raw-auth-sha1 bfd-raw-auth-sha1.pcap bfd-raw-auth-sha1.out -t -bfd-raw-auth-sha1-v bfd-raw-auth-sha1.pcap bfd-raw-auth-sha1-v.out -t -v +bfd-raw-auth-simple bfd-raw-auth-simple.pcap bfd-raw-auth-simple.out +bfd-raw-auth-simple-v bfd-raw-auth-simple.pcap bfd-raw-auth-simple-v.out -v +bfd-raw-auth-md5 bfd-raw-auth-md5.pcap bfd-raw-auth-md5.out +bfd-raw-auth-md5-v bfd-raw-auth-md5.pcap bfd-raw-auth-md5-v.out -v +bfd-raw-auth-sha1 bfd-raw-auth-sha1.pcap bfd-raw-auth-sha1.out +bfd-raw-auth-sha1-v bfd-raw-auth-sha1.pcap bfd-raw-auth-sha1-v.out -v # bad packets from Hanno Böck -heap-overflow-1 heap-overflow-1.pcap heap-overflow-1.out -t -v -n -heap-overflow-2 heap-overflow-2.pcap heap-overflow-2.out -t -v -n -heapoverflow-atalk_print heapoverflow-atalk_print.pcap heapoverflow-atalk_print.out -t -v -n -heapoverflow-EXTRACT_16BITS heapoverflow-EXTRACT_16BITS.pcap heapoverflow-EXTRACT_16BITS.out -t -v -n -heapoverflow-ppp_hdlc_if_print heapoverflow-ppp_hdlc_if_print.pcap heapoverflow-ppp_hdlc_if_print.out -t -v -n -heapoverflow-q933_printq heapoverflow-q933_printq.pcap heapoverflow-q933_printq.out -t -v -n -heapoverflow-sl_if_print heapoverflow-sl_if_print.pcap heapoverflow-sl_if_print.out -t -v -n -heapoverflow-ip_print_demux heapoverflow-ip_print_demux.pcap heapoverflow-ip_print_demux.out -t -v -n -heapoverflow-in_checksum heapoverflow-in_checksum.pcap heapoverflow-in_checksum.out -t -v -n -heapoverflow-tcp_print heapoverflow-tcp_print.pcap heapoverflow-tcp_print.out -t -v -n -gre-heapoverflow-1 gre-heapoverflow-1.pcap gre-heapoverflow-1.out -t -v -n -gre-heapoverflow-2 gre-heapoverflow-2.pcap gre-heapoverflow-2.out -t -v -n -calm-fast-mac-lookup-heapoverflow calm-fast-mac-lookup-heapoverflow.pcap calm-fast-mac-lookup-heapoverflow.out -t -v -n -geonet-mac-lookup-heapoverflow geonet-mac-lookup-heapoverflow.pcap geonet-mac-lookup-heapoverflow.out -t -v -n -radiotap-heapoverflow radiotap-heapoverflow.pcap radiotap-heapoverflow.out -t -v -n -isoclns-heapoverflow isoclns-heapoverflow.pcap isoclns-heapoverflow.out -t -v -n -tcp-auth-heapoverflow tcp-auth-heapoverflow.pcap tcp-auth-heapoverflow.out -t -v -n -frf15-heapoverflow frf15-heapoverflow.pcap frf15-heapoverflow.out -t -v -n -atm-oam-heapoverflow atm-oam-heapoverflow.pcap atm-oam-heapoverflow.out -t -v -n -tcp_header_heapoverflow tcp_header_heapoverflow.pcap tcp_header_heapoverflow.out -t -v -n -ipcomp-heapoverflow ipcomp-heapoverflow.pcap ipcomp-heapoverflow.out -t -v -n -llc-xid-heapoverflow llc-xid-heapoverflow.pcap llc-xid-heapoverflow.out -t -v -n -udp-length-heapoverflow udp-length-heapoverflow.pcap udp-length-heapoverflow.out -t -v -n -aarp-heapoverflow-1 aarp-heapoverflow-1.pcap aarp-heapoverflow-1.out -t -v -n -aarp-heapoverflow-2 aarp-heapoverflow-2.pcap aarp-heapoverflow-2.out -t -v -n -mpls-label-heapoverflow mpls-label-heapoverflow.pcap mpls-label-heapoverflow.out -t -v -n -bad-ipv4-version-pgm-heapoverflow bad-ipv4-version-pgm-heapoverflow.pcap bad-ipv4-version-pgm-heapoverflow.out -t -v -n -stp-heapoverflow-1 stp-heapoverflow-1.pcap stp-heapoverflow-1.out -t -v -n -stp-heapoverflow-2 stp-heapoverflow-2.pcap stp-heapoverflow-2.out -t -v -n -stp-heapoverflow-3 stp-heapoverflow-3.pcap stp-heapoverflow-3.out -t -v -n -stp-heapoverflow-4 stp-heapoverflow-4.pcap stp-heapoverflow-4.out -t -v -n -stp-heapoverflow-5 stp-heapoverflow-5.pcap stp-heapoverflow-5.out -t -v -n -arp-too-long-tha arp-too-long-tha.pcap arp-too-long-tha.out -t -v -n -juniper_header-heapoverflow juniper_header-heapoverflow.pcap juniper_header-heapoverflow.out -t -v -n -tftp-heapoverflow tftp-heapoverflow.pcap tftp-heapoverflow.out -t -v -n -relts-0x80000000 relts-0x80000000.pcap relts-0x80000000.out -t -v -n +heap-overflow-1 heap-overflow-1.pcap heap-overflow-1.out -v +heap-overflow-2 heap-overflow-2.pcap heap-overflow-2.out -v +heapoverflow-atalk_print heapoverflow-atalk_print.pcap heapoverflow-atalk_print.out -v +heapoverflow-EXTRACT_16BITS heapoverflow-EXTRACT_16BITS.pcap heapoverflow-EXTRACT_16BITS.out -v +heapoverflow-ppp_hdlc_if_print heapoverflow-ppp_hdlc_if_print.pcap heapoverflow-ppp_hdlc_if_print.out -v +heapoverflow-q933_printq heapoverflow-q933_printq.pcap heapoverflow-q933_printq.out -v +heapoverflow-sl_if_print heapoverflow-sl_if_print.pcap heapoverflow-sl_if_print.out -v +heapoverflow-ip_print_demux heapoverflow-ip_print_demux.pcap heapoverflow-ip_print_demux.out -v +heapoverflow-in_checksum heapoverflow-in_checksum.pcap heapoverflow-in_checksum.out -v +heapoverflow-tcp_print heapoverflow-tcp_print.pcap heapoverflow-tcp_print.out -v +gre-heapoverflow-1 gre-heapoverflow-1.pcap gre-heapoverflow-1.out -v +gre-heapoverflow-2 gre-heapoverflow-2.pcap gre-heapoverflow-2.out -v +calm-fast-mac-lookup-heapoverflow calm-fast-mac-lookup-heapoverflow.pcap calm-fast-mac-lookup-heapoverflow.out -v +geonet-mac-lookup-heapoverflow geonet-mac-lookup-heapoverflow.pcap geonet-mac-lookup-heapoverflow.out -v +radiotap-heapoverflow radiotap-heapoverflow.pcap radiotap-heapoverflow.out -v +isoclns-heapoverflow isoclns-heapoverflow.pcap isoclns-heapoverflow.out -v +tcp-auth-heapoverflow tcp-auth-heapoverflow.pcap tcp-auth-heapoverflow.out -v +frf15-heapoverflow frf15-heapoverflow.pcap frf15-heapoverflow.out -v +atm-oam-heapoverflow atm-oam-heapoverflow.pcap atm-oam-heapoverflow.out -v +tcp_header_heapoverflow tcp_header_heapoverflow.pcap tcp_header_heapoverflow.out -v +ipcomp-heapoverflow ipcomp-heapoverflow.pcap ipcomp-heapoverflow.out -v +llc-xid-heapoverflow llc-xid-heapoverflow.pcap llc-xid-heapoverflow.out -v +udp-length-heapoverflow udp-length-heapoverflow.pcap udp-length-heapoverflow.out -v +aarp-heapoverflow-1 aarp-heapoverflow-1.pcap aarp-heapoverflow-1.out -v +aarp-heapoverflow-2 aarp-heapoverflow-2.pcap aarp-heapoverflow-2.out -v +mpls-label-heapoverflow mpls-label-heapoverflow.pcap mpls-label-heapoverflow.out -v +bad-ipv4-version-pgm-heapoverflow bad-ipv4-version-pgm-heapoverflow.pcap bad-ipv4-version-pgm-heapoverflow.out -v +stp-heapoverflow-1 stp-heapoverflow-1.pcap stp-heapoverflow-1.out -v +stp-heapoverflow-2 stp-heapoverflow-2.pcap stp-heapoverflow-2.out -v +stp-heapoverflow-3 stp-heapoverflow-3.pcap stp-heapoverflow-3.out -v +stp-heapoverflow-4 stp-heapoverflow-4.pcap stp-heapoverflow-4.out -v +stp-heapoverflow-5 stp-heapoverflow-5.pcap stp-heapoverflow-5.out -v +arp-too-long-tha arp-too-long-tha.pcap arp-too-long-tha.out -v +juniper_header-heapoverflow juniper_header-heapoverflow.pcap juniper_header-heapoverflow.out -v +tftp-heapoverflow tftp-heapoverflow.pcap tftp-heapoverflow.out -v +relts-0x80000000 relts-0x80000000.pcap relts-0x80000000.out -v # bad packets from Brian Carpenter -ipv6hdr-heapoverflow ipv6hdr-heapoverflow.pcap ipv6hdr-heapoverflow.out -t -ipv6hdr-heapoverflow-v ipv6hdr-heapoverflow.pcap ipv6hdr-heapoverflow-v.out -t -v -otv-heapoverflow-1 otv-heapoverflow-1.pcap otv-heapoverflow-1.out -t -c10 -otv-heapoverflow-2 otv-heapoverflow-2.pcap otv-heapoverflow-2.out -t -c10 -q933-heapoverflow-2 q933-heapoverflow-2.pcap q933-heapoverflow-2.out -t -atm-heapoverflow atm-heapoverflow.pcap atm-heapoverflow.out -t -c1 -e +ipv6hdr-heapoverflow ipv6hdr-heapoverflow.pcap ipv6hdr-heapoverflow.out +ipv6hdr-heapoverflow-v ipv6hdr-heapoverflow.pcap ipv6hdr-heapoverflow-v.out -v +otv-heapoverflow-1 otv-heapoverflow-1.pcap otv-heapoverflow-1.out -c10 +otv-heapoverflow-2 otv-heapoverflow-2.pcap otv-heapoverflow-2.out -c10 +q933-heapoverflow-2 q933-heapoverflow-2.pcap q933-heapoverflow-2.out +atm-heapoverflow atm-heapoverflow.pcap atm-heapoverflow.out -c1 -e # bad packets from Kamil Frankowicz -snmp-heapoverflow-1 snmp-heapoverflow-1.pcap snmp-heapoverflow-1.out -t -snmp-heapoverflow-2 snmp-heapoverflow-2.pcap snmp-heapoverflow-2.out -t -isoclns-heapoverflow-2 isoclns-heapoverflow-2.pcap isoclns-heapoverflow-2.out -t -e -c1 -isoclns-heapoverflow-3 isoclns-heapoverflow-3.pcap isoclns-heapoverflow-3.out -t -e -c1 +snmp-heapoverflow-1 snmp-heapoverflow-1.pcap snmp-heapoverflow-1.out +snmp-heapoverflow-2 snmp-heapoverflow-2.pcap snmp-heapoverflow-2.out +isoclns-heapoverflow-2 isoclns-heapoverflow-2.pcap isoclns-heapoverflow-2.out -e -c1 +isoclns-heapoverflow-3 isoclns-heapoverflow-3.pcap isoclns-heapoverflow-3.out -e -c1 +stp-v4-length-sigsegv stp-v4-length-sigsegv.pcap stp-v4-length-sigsegv.out # RTP tests # fuzzed pcap -rtp-seg-fault-1 rtp-seg-fault-1.pcap rtp-seg-fault-1.out -t -v -T rtp -rtp-seg-fault-2 rtp-seg-fault-2.pcap rtp-seg-fault-2.out -t -v -T rtp +rtp-seg-fault-1 rtp-seg-fault-1.pcap rtp-seg-fault-1.out -v -T rtp +rtp-seg-fault-2 rtp-seg-fault-2.pcap rtp-seg-fault-2.out -v -T rtp # NFS tests # fuzzed pcap -nfs-seg-fault-1 nfs-seg-fault-1.pcap nfs-seg-fault-1.out -t +nfs-seg-fault-1 nfs-seg-fault-1.pcap nfs-seg-fault-1.out diff --git a/tests/TESTonce b/tests/TESTonce index 78ad0752..012364fc 100755 --- a/tests/TESTonce +++ b/tests/TESTonce @@ -15,13 +15,13 @@ $options=$ARGV[3]; my $r; if ($^O eq 'MSWin32') { - $r = system "..\\windump -n -r $input $options 2>NUL | sed 's/\\r//' | tee NEW/$output | diff $output - >DIFF/$output.diff"; + $r = system "..\\windump -n -t -r $input $options 2>NUL | sed 's/\\r//' | tee NEW/$output | diff $output - >DIFF/$output.diff"; # need to do same as below for Cygwin. } else { # we used to do this as a nice pipeline, but the problem is that $r fails to # to be set properly if the tcpdump core dumps. - $r = system "../tcpdump 2>/dev/null -n -r $input $options >NEW/$output"; + $r = system "../tcpdump 2>/dev/null -n -t -r $input $options >NEW/$output"; if($r == 0x100) { # this means tcpdump exited with code 1. open(OUTPUT, ">>"."NEW/$output") || die "fail to open $output\n"; diff --git a/tests/crypto.sh b/tests/crypto.sh index f20e2391..5e295957 100755 --- a/tests/crypto.sh +++ b/tests/crypto.sh @@ -1,12 +1,17 @@ #!/bin/sh +exitcode=0 + # Only attempt OpenSSL-specific tests when compiled with the library. if grep '^#define HAVE_LIBCRYPTO 1$' ../config.h >/dev/null then - ./TESTonce esp1 02-sunrise-sunset-esp.pcap esp1.out '-t -E "0x12345678@192.1.2.45 3des-cbc-hmac96:0x4043434545464649494a4a4c4c4f4f515152525454575758"' - ./TESTonce esp2 08-sunrise-sunset-esp2.pcap esp2.out '-t -E "0x12345678@192.1.2.45 3des-cbc-hmac96:0x43434545464649494a4a4c4c4f4f51515252545457575840,0xabcdabcd@192.0.1.1 3des-cbc-hmac96:0x434545464649494a4a4c4c4f4f5151525254545757584043"' - ./TESTonce esp3 02-sunrise-sunset-esp.pcap esp1.out '-t -E "3des-cbc-hmac96:0x4043434545464649494a4a4c4c4f4f515152525454575758"' + ./TESTonce esp1 02-sunrise-sunset-esp.pcap esp1.out '-E "0x12345678@192.1.2.45 3des-cbc-hmac96:0x4043434545464649494a4a4c4c4f4f515152525454575758"' + [ $? -eq 0 ] || exitcode=1 + ./TESTonce esp2 08-sunrise-sunset-esp2.pcap esp2.out '-E "0x12345678@192.1.2.45 3des-cbc-hmac96:0x43434545464649494a4a4c4c4f4f51515252545457575840,0xabcdabcd@192.0.1.1 3des-cbc-hmac96:0x434545464649494a4a4c4c4f4f5151525254545757584043"' + [ $? -eq 0 ] || exitcode=1 + ./TESTonce esp3 02-sunrise-sunset-esp.pcap esp1.out '-E "3des-cbc-hmac96:0x4043434545464649494a4a4c4c4f4f515152525454575758"' + [ $? -eq 0 ] || exitcode=1 # Reading the secret(s) from a file does not work with Capsicum. if grep '^#define HAVE_CAPSICUM 1$' ../config.h >/dev/null then @@ -17,11 +22,16 @@ then printf "$FORMAT" ikev2pI2 printf "$FORMAT" isakmp4 else - ./TESTonce esp4 08-sunrise-sunset-esp2.pcap esp2.out '-t -E "file esp-secrets.txt"' - ./TESTonce esp5 08-sunrise-sunset-aes.pcap esp5.out '-t -E "file esp-secrets.txt"' - ./TESTonce espudp1 espudp1.pcap espudp1.out '-nnnn -t -E "file esp-secrets.txt"' - ./TESTonce ikev2pI2 ikev2pI2.pcap ikev2pI2.out '-t -E "file ikev2pI2-secrets.txt" -v -v -v -v' - ./TESTonce isakmp4 isakmp4500.pcap isakmp4.out '-t -E "file esp-secrets.txt"' + ./TESTonce esp4 08-sunrise-sunset-esp2.pcap esp2.out '-E "file esp-secrets.txt"' + [ $? -eq 0 ] || exitcode=1 + ./TESTonce esp5 08-sunrise-sunset-aes.pcap esp5.out '-E "file esp-secrets.txt"' + [ $? -eq 0 ] || exitcode=1 + ./TESTonce espudp1 espudp1.pcap espudp1.out '-nnnn -E "file esp-secrets.txt"' + [ $? -eq 0 ] || exitcode=1 + ./TESTonce ikev2pI2 ikev2pI2.pcap ikev2pI2.out '-E "file ikev2pI2-secrets.txt" -v -v -v -v' + [ $? -eq 0 ] || exitcode=1 + ./TESTonce isakmp4 isakmp4500.pcap isakmp4.out '-E "file esp-secrets.txt"' + [ $? -eq 0 ] || exitcode=1 fi else FORMAT=' %-35s: TEST SKIPPED (compiled w/o OpenSSL)\n' @@ -34,3 +44,5 @@ else printf "$FORMAT" ikev2pI2 printf "$FORMAT" isakmp4 fi + +exit $exitcode diff --git a/tests/isis-seg-fault-1-v.sh b/tests/isis-seg-fault-1-v.sh index 2e9b6ec5..57965e8e 100755 --- a/tests/isis-seg-fault-1-v.sh +++ b/tests/isis-seg-fault-1-v.sh @@ -4,6 +4,7 @@ # may produce a slightly different result if the compiler is not GCC. # Test only with GCC (similar to GitHub issue #333). +exitcode=0 test_name=isis-seg-fault-1-v if [ ! -f ../Makefile ] @@ -11,7 +12,10 @@ then printf ' %-35s: TEST SKIPPED (no Makefile)\n' $test_name elif grep '^CC = .*gcc' ../Makefile >/dev/null then - ./TESTonce $test_name isis-seg-fault-1.pcap isis-seg-fault-1-v.out '-t -v' + ./TESTonce $test_name isis-seg-fault-1.pcap isis-seg-fault-1-v.out '-v' + [ $? -eq 0 ] || exitcode=1 else printf ' %-35s: TEST SKIPPED (compiler is not GCC)\n' $test_name fi + +exit $exitcode diff --git a/tests/lmp-v.sh b/tests/lmp-v.sh index 1c286bf5..2d018864 100755 --- a/tests/lmp-v.sh +++ b/tests/lmp-v.sh @@ -6,6 +6,8 @@ # GCC build and must reproduce correctly on any other GCC build regardless of # the architecture. +exitcode=0 + # A Windows build may have no file named Makefile and also a version of grep # that won't return an error when the file does not exist. Work around. if [ ! -f ../Makefile ] @@ -13,7 +15,10 @@ then printf ' %-35s: TEST SKIPPED (no Makefile)\n' 'lmp-v' elif grep '^CC = .*gcc' ../Makefile >/dev/null then - ./TESTonce lmp-v lmp.pcap lmp-v.out '-t -T lmp -v' + ./TESTonce lmp-v lmp.pcap lmp-v.out '-T lmp -v' + [ $? -eq 0 ] || exitcode=1 else printf ' %-35s: TEST SKIPPED (compiler is not GCC)\n' 'lmp-v' fi + +exit $exitcode diff --git a/tests/nflog-e.sh b/tests/nflog-e.sh index 46b99eec..5b002bf1 100755 --- a/tests/nflog-e.sh +++ b/tests/nflog-e.sh @@ -1,10 +1,15 @@ #!/bin/sh +exitcode=0 + # NFLOG support depends on both DLT_NFLOG and working <pcap/nflog.h> if grep '^#define HAVE_PCAP_NFLOG_H 1$' ../config.h >/dev/null then - ./TESTonce nflog-e nflog.pcap nflog-e.out '-t -e' + ./TESTonce nflog-e nflog.pcap nflog-e.out '-e' + [ $? -eq 0 ] || exitcode=1 else printf ' %-35s: TEST SKIPPED (compiled w/o NFLOG)\n' 'nflog-e' fi + +exit $exitcode diff --git a/tests/stp-v4-length-sigsegv.out b/tests/stp-v4-length-sigsegv.out new file mode 100644 index 00000000..8519243b --- /dev/null +++ b/tests/stp-v4-length-sigsegv.out @@ -0,0 +1 @@ +STP 802.1aq, Rapid STP, CIST Flags [Learn, Forward], length 808464415[|stp 808464415] diff --git a/tests/stp-v4-length-sigsegv.pcap b/tests/stp-v4-length-sigsegv.pcap Binary files differnew file mode 100644 index 00000000..b6ae2ac1 --- /dev/null +++ b/tests/stp-v4-length-sigsegv.pcap @@ -1 +1 @@ -const char version[] = "4.9.0"; +const char version[] = "4.9.1"; |