tcpdump
tcpdump copied to clipboard
the-tcpdump-group
the TCPdump network dissector
14:49:07.155314 IP 10.10.4.164 > 10.10.4.165: ESP(spi=0xe8415058,seq=0x10), length 148 14:49:07.155314 IP6 , wrong link-layer encapsulationbad-hlen 0 14:49:07.155401 IP6 fd68:c9f9:4157::a0a:4a4 > fd68:c9f9:4157:2:0:1:808:808: ICMP6, echo request, seq 11, length 64 This is one...
Suppose that it was needed to have `tcpdump` rotate six captures per minute in a cyclical manner, with each capture spanning the same time frame of 10 seconds. This should...
Currently, if one wishes to start recording on network interfaces that appear after capturing has started, one uses the following command: tcpdump -i any -s 0 -w host 10.1.1.1 A...
On most OS platforms `fprintf()` et.al. are considered to be [signal unsafe](https://www.google.co.uk/search?q=is+fprintf+signal+safe). I've noticed the signal handlers in tcpdump call `fprintf()`. The patch below defers call to `fprintf()` triggered by...
Hi, we developed a taint analysis based static analysis tool named Vanguard. It could prognosis potential vulnerabilities by identifying security-sensitive operations (e.g. divide-zero, mod-zero, array-index-access, and sensitive function calls) without...
At line 86: https://github.com/the-tcpdump-group/tcpdump/blob/400643120a48eca33973f6a47b34f0dcfde4d20a/print-zep.c#L86 print-zep.c:86:22: runtime error: unsigned integer overflow: 16843009 - 2208988800 cannot be represented in type 'unsigned int' POC: [pkt-64-zep.c-86.pcap.gz](https://github.com/the-tcpdump-group/tcpdump/files/3019474/pkt-64-zep.c-86.pcap.gz) cc: @kivinen
As my previous pull request(s) all seem to have stalled, I decided to rebase on commit f085c93f and start another (this!) pull request. Features are implementing NTP mode6 packet decoding....
Created a separate branch so I can keep upstream and workgroup README and version strings separate.
...unless --without-user is passed Hopefully more people will be aware of this option as a result.
This is a shot at resolving #279, adjusting what was proposed at https://sourceforge.net/p/tcpdump/patches/120/.
