Fix libpcap issue #893: check for invalid IPv4 addresses.
This fixes errors such as:
tcpdump -i lagg0 net 999.999.999.999
This was originally discovered on a Red Hat 7.7 server and verified
to also be a bug on FreeBSD.
Obtained from: https://github.com/the-tcpdump-group/libpcap/commit/ \
07070918d5e81a515315b395f334e52589fe0fb
Fixed by: https://github.com/guyharris
MFC after: 2 weeks
- Restore local change to include <net/bpf.h> inside pcap.h.
This fixes ports build problems.
- Update local copy of dlt.h with new DLT types.
- Revert no longer needed <net/bpf.h> includes which were added
as part of r334277.
Suggested by: antoine@, delphij@, np@
MFC after: 3 weeks
Sponsored by: Mellanox Technologies
run directly on netmap ports using netmap:foo or valeXX:YY device names.
Modifications to existing code are small and trivial, the netmap-specific
code is all in a new file.
Please be aware that in netmap mode the physical interface is disconnected from
the host stack, so libpcap will steal the traffic not just make a copy.
For the full version of the code (including linux and autotools support) see
https://code.google.com/p/netmap-libpcap/
MFC after: 3 days
The origin of WEP comes from IEEE Std 802.11-1997 where it defines
whether the frame body of MAC frame has been encrypted using WEP
algorithm or not.
IEEE Std. 802.11-2007 changes WEP to Protected Frame, indicates
whether the frame is protected by a cryptographic encapsulation
algorithm.
Reviewed by: adrian, rpaulo
in net, to avoid compatibility breakage for no sake.
The future plan is to split most of non-kernel parts of
pfvar.h into pf.h, and then make pfvar.h a kernel only
include breaking compatibility.
Discussed with: bz
- Provide pf_altq.h that has only stuff needed for ALTQ.
- Start pf.h, that would have all constant values and
eventually non-kernel structures.
- Build ALTQ w/o pfvar.h, include if_var.h, that before
came via pollution.
- Build tcpdump w/o pfvar.h.
Sponsored by: Netflix
Sponsored by: Nginx, Inc.
In userland, sign extend the offset for JA instructions.
We currently use that to implement "ip6 protochain", and "pc" might be
wider than "pc->k", in which case we need to arrange that "pc->k" be
sign-extended, by casting it to bpf_int32.
PR: kern/157188
Submitted by: plosher
MFC after: 2 weeks
buffers. This fixes a segfault on exit due to calling free on a bogus pointer.
This should be considered a temporary stop gap fix to avoid the crash. The
complete fix re-shuffles the initializations of some of the clean-up pointers.
The details of the fix can be found in the libpcap git repository:
commit bc8209b71e928870b0f172d43b174ab27ba24394
Proded by: kevlo, rpaulo
MFC after: 2 weeks
Submitted by: Anton Yuzhaninov
c65292b04b98d6a76d58c5a54ca8f81463bf24de to support new SIOCGIFDESCR
ioctl interface which was too late for libpcap 1.1.1.
Reported by: brucec
Noticed by: wxs
Unconstify arguments of bpf_image(), bpf_filter() and bpf_dump(). This
is needed because some ports rely heavely on these arguments (some of
them even roll out their own implemenentations of bpf_dump).
different version has been committed upstream in the libpcap vendor branch.
This will allow people to experiment with zero-copy bpf(4) without requiring
external patches.
Note to enable this functionality:
sysctl net.bpf.zerocopy_enable=1
By default, libpcap will use the legacy buffering method unless this sysctl
variable is set to 1.
For the details about zero-copy bpf(4) implementation see svn change r177548.
Requested by: many
Discussed with: sam
In collaboration with: rwatson
