In the past, we modified pcap/pcap.h to include the system net/bpf.h
rather than libpcap's own pcap/bpf.h. However, starting around 1.10.2,
libpcap requires a few extern functions defined in pcap/bpf.h to build.
Simply reverting that local change and pulling in pcap/bpf.h is not a
solution, because some ports with '#include <pcap.h>' such as mail/spamd
and net/xprobe require the system net/bpf.h to be pulled in. To
accommodate both requirements, make pcap/bpf.h a wrapper around the
system net/bpf.h, but retain the extern function definitions. This is
in preparation for libpcap 1.10.3.
Approved by: cy, philip, emaste, delphij (earlier revision)
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D38575
Fix libpcap issue #893: check for invalid IPv4 addresses.
This fixes errors such as:
tcpdump -i lagg0 net 999.999.999.999
This was originally discovered on a Red Hat 7.7 server and verified
to also be a bug on FreeBSD.
Obtained from: https://github.com/the-tcpdump-group/libpcap/commit/ \
07070918d5e81a515315b395f334e52589fe0fb
Fixed by: https://github.com/guyharris
MFC after: 2 weeks
- Restore local change to include <net/bpf.h> inside pcap.h.
This fixes ports build problems.
- Update local copy of dlt.h with new DLT types.
- Revert no longer needed <net/bpf.h> includes which were added
as part of r334277.
Suggested by: antoine@, delphij@, np@
MFC after: 3 weeks
Sponsored by: Mellanox Technologies
run directly on netmap ports using netmap:foo or valeXX:YY device names.
Modifications to existing code are small and trivial, the netmap-specific
code is all in a new file.
Please be aware that in netmap mode the physical interface is disconnected from
the host stack, so libpcap will steal the traffic not just make a copy.
For the full version of the code (including linux and autotools support) see
https://code.google.com/p/netmap-libpcap/
MFC after: 3 days
The origin of WEP comes from IEEE Std 802.11-1997 where it defines
whether the frame body of MAC frame has been encrypted using WEP
algorithm or not.
IEEE Std. 802.11-2007 changes WEP to Protected Frame, indicates
whether the frame is protected by a cryptographic encapsulation
algorithm.
Reviewed by: adrian, rpaulo
in net, to avoid compatibility breakage for no sake.
The future plan is to split most of non-kernel parts of
pfvar.h into pf.h, and then make pfvar.h a kernel only
include breaking compatibility.
Discussed with: bz
- Provide pf_altq.h that has only stuff needed for ALTQ.
- Start pf.h, that would have all constant values and
eventually non-kernel structures.
- Build ALTQ w/o pfvar.h, include if_var.h, that before
came via pollution.
- Build tcpdump w/o pfvar.h.
Sponsored by: Netflix
Sponsored by: Nginx, Inc.
In userland, sign extend the offset for JA instructions.
We currently use that to implement "ip6 protochain", and "pc" might be
wider than "pc->k", in which case we need to arrange that "pc->k" be
sign-extended, by casting it to bpf_int32.
PR: kern/157188
Submitted by: plosher
MFC after: 2 weeks
buffers. This fixes a segfault on exit due to calling free on a bogus pointer.
This should be considered a temporary stop gap fix to avoid the crash. The
complete fix re-shuffles the initializations of some of the clean-up pointers.
The details of the fix can be found in the libpcap git repository:
commit bc8209b71e928870b0f172d43b174ab27ba24394
Proded by: kevlo, rpaulo
MFC after: 2 weeks
Submitted by: Anton Yuzhaninov
c65292b04b98d6a76d58c5a54ca8f81463bf24de to support new SIOCGIFDESCR
ioctl interface which was too late for libpcap 1.1.1.
Reported by: brucec
Noticed by: wxs
Unconstify arguments of bpf_image(), bpf_filter() and bpf_dump(). This
is needed because some ports rely heavely on these arguments (some of
them even roll out their own implemenentations of bpf_dump).
