From 0cb9e74fb332e713037711ed8de22076d3ba91df Mon Sep 17 00:00:00 2001 From: Peter Avalos Date: Thu, 11 Oct 2007 00:42:47 +0000 Subject: [PATCH] Import libpcap-0.9.8: Allow reading of pflog formatted libpcap files on an OS other than where the file was generated. --- contrib/libpcap-0.9/CHANGES | 9 +++- contrib/libpcap-0.9/VERSION | 2 +- contrib/libpcap-0.9/fad-getad.c | 8 +++- contrib/libpcap-0.9/gencode.c | 66 +++++++++++++++++++++++++++-- contrib/libpcap-0.9/grammar.y | 74 +++++++++++++++++++++++---------- contrib/libpcap-0.9/optimize.c | 12 +++--- contrib/libpcap-0.9/pcap-bpf.h | 38 ++++++++++++++++- contrib/libpcap-0.9/pcap.c | 6 +-- contrib/libpcap-0.9/savefile.c | 32 +++++++++++++- 9 files changed, 206 insertions(+), 41 deletions(-) diff --git a/contrib/libpcap-0.9/CHANGES b/contrib/libpcap-0.9/CHANGES index a65654726a..536e1a2c18 100644 --- a/contrib/libpcap-0.9/CHANGES +++ b/contrib/libpcap-0.9/CHANGES @@ -1,4 +1,11 @@ -@(#) $Header: /tcpdump/master/libpcap/CHANGES,v 1.59.2.11 2007/07/24 02:27:32 mcr Exp $ (LBL) +@(#) $Header: /tcpdump/master/libpcap/CHANGES,v 1.59.2.13 2007/09/12 22:40:04 ken Exp $ (LBL) + +Mon. September 10, 2007. ken@xelerance.com. Summary for 0.9.8 libpcap release + Change build process to put public libpcap headers into pcap subir + DLT: Add value for IPMI IPMB packets + DLT: Add value for u10 Networks boards + Require for pf definitions - allows reading of pflog formatted + libpcap files on an OS other than where the file was generated Wed. July 23, 2007. mcr@xelerance.com. Summary for 0.9.7 libpcap release diff --git a/contrib/libpcap-0.9/VERSION b/contrib/libpcap-0.9/VERSION index c81aa44afb..e3e180701e 100644 --- a/contrib/libpcap-0.9/VERSION +++ b/contrib/libpcap-0.9/VERSION @@ -1 +1 @@ -0.9.7 +0.9.8 diff --git a/contrib/libpcap-0.9/fad-getad.c b/contrib/libpcap-0.9/fad-getad.c index 58305d5656..8101165796 100644 --- a/contrib/libpcap-0.9/fad-getad.c +++ b/contrib/libpcap-0.9/fad-getad.c @@ -34,7 +34,7 @@ #ifndef lint static const char rcsid[] _U_ = - "@(#) $Header: /tcpdump/master/libpcap/fad-getad.c,v 1.10.2.1 2005/04/10 18:04:49 hannes Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/libpcap/fad-getad.c,v 1.10.2.2 2007/09/14 00:45:17 guy Exp $ (LBL)"; #endif #ifdef HAVE_CONFIG_H @@ -61,7 +61,11 @@ static const char rcsid[] _U_ = #endif #ifdef AF_PACKET -# include +# ifdef __Lynx__ +# include /* LynxOS */ +# else +# include /* Linux */ +# endif #endif /* diff --git a/contrib/libpcap-0.9/gencode.c b/contrib/libpcap-0.9/gencode.c index 5067abc6d5..d2cae2101c 100644 --- a/contrib/libpcap-0.9/gencode.c +++ b/contrib/libpcap-0.9/gencode.c @@ -21,7 +21,7 @@ */ #ifndef lint static const char rcsid[] _U_ = - "@(#) $Header: /tcpdump/master/libpcap/gencode.c,v 1.221.2.52 2007/06/22 06:43:58 guy Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/libpcap/gencode.c,v 1.221.2.53 2007/09/12 19:17:24 guy Exp $ (LBL)"; #endif #ifdef HAVE_CONFIG_H @@ -73,7 +73,12 @@ static const char rcsid[] _U_ = #include "ppp.h" #include "sll.h" #include "arcnet.h" -#include "pf.h" +#ifdef HAVE_NET_PFVAR_H +#include +#include +#include +#include +#endif #ifndef offsetof #define offsetof(s, e) ((size_t)&((s *)0)->e) #endif @@ -1175,12 +1180,13 @@ init_linktype(p) off_nl_nosnap = 44; /* XXX - what does it do with 802.3 packets? */ return; +#ifdef HAVE_NET_PFVAR_H case DLT_PFLOG: off_linktype = 0; - /* XXX read this from pf.h? */ off_nl = PFLOG_HDRLEN; off_nl_nosnap = PFLOG_HDRLEN; /* no 802.2 LLC */ return; +#endif case DLT_JUNIPER_MFR: case DLT_JUNIPER_MLFR: @@ -2426,6 +2432,7 @@ gen_linktype(proto) } return (gen_cmp(OR_LINK, 0, BPF_W, (bpf_int32)proto)); +#ifdef HAVE_NET_PFVAR_H case DLT_PFLOG: /* * af field is host byte order in contrast to the rest of @@ -2443,6 +2450,7 @@ gen_linktype(proto) return gen_false(); /*NOTREACHED*/ break; +#endif /* HAVE_NET_PFVAR_H */ case DLT_ARCNET: case DLT_ARCNET_LINUX: @@ -6374,10 +6382,12 @@ gen_inbound(dir) } break; +#ifdef HAVE_NET_PFVAR_H case DLT_PFLOG: b0 = gen_cmp(OR_LINK, offsetof(struct pfloghdr, dir), BPF_B, (bpf_int32)((dir == 0) ? PF_IN : PF_OUT)); break; +#endif case DLT_PPP_PPPD: if (dir) { @@ -6425,6 +6435,7 @@ gen_inbound(dir) return (b0); } +#ifdef HAVE_NET_PFVAR_H /* PF firewall log matched interface */ struct block * gen_pf_ifname(const char *ifname) @@ -6534,6 +6545,55 @@ gen_pf_action(int action) return (b0); } +#else /* !HAVE_NET_PFVAR_H */ +struct block * +gen_pf_ifname(const char *ifname) +{ + bpf_error("libpcap was compiled without pf support"); + /* NOTREACHED */ + return (NULL); +} + +struct block * +gen_pf_ruleset(char *ruleset) +{ + bpf_error("libpcap was compiled on a machine without pf support"); + /* NOTREACHED */ + return (NULL); +} + +struct block * +gen_pf_rnr(int rnr) +{ + bpf_error("libpcap was compiled on a machine without pf support"); + /* NOTREACHED */ + return (NULL); +} + +struct block * +gen_pf_srnr(int srnr) +{ + bpf_error("libpcap was compiled on a machine without pf support"); + /* NOTREACHED */ + return (NULL); +} + +struct block * +gen_pf_reason(int reason) +{ + bpf_error("libpcap was compiled on a machine without pf support"); + /* NOTREACHED */ + return (NULL); +} + +struct block * +gen_pf_action(int action) +{ + bpf_error("libpcap was compiled on a machine without pf support"); + /* NOTREACHED */ + return (NULL); +} +#endif /* HAVE_NET_PFVAR_H */ struct block * gen_acode(eaddr, q) diff --git a/contrib/libpcap-0.9/grammar.y b/contrib/libpcap-0.9/grammar.y index eedd630516..f9b7cb1b6c 100644 --- a/contrib/libpcap-0.9/grammar.y +++ b/contrib/libpcap-0.9/grammar.y @@ -22,7 +22,7 @@ */ #ifndef lint static const char rcsid[] _U_ = - "@(#) $Header: /tcpdump/master/libpcap/grammar.y,v 1.86.2.8 2007/06/11 09:52:04 guy Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/libpcap/grammar.y,v 1.86.2.9 2007/09/12 19:17:25 guy Exp $ (LBL)"; #endif #ifdef HAVE_CONFIG_H @@ -52,7 +52,11 @@ struct rtentry; #include "pcap-int.h" #include "gencode.h" -#include "pf.h" +#ifdef HAVE_NET_PFVAR_H +#include +#include +#include +#endif #include #ifdef HAVE_OS_PROTO_H @@ -85,6 +89,50 @@ pcap_parse() } #endif +#ifdef HAVE_NET_PFVAR_H +static int +pfreason_to_num(const char *reason) +{ + const char *reasons[] = PFRES_NAMES; + int i; + + for (i = 0; reasons[i]; i++) { + if (pcap_strcasecmp(reason, reasons[i]) == 0) + return (i); + } + bpf_error("unknown PF reason"); + /*NOTREACHED*/ +} + +static int +pfaction_to_num(const char *action) +{ + if (pcap_strcasecmp(action, "pass") == 0 || + pcap_strcasecmp(action, "accept") == 0) + return (PF_PASS); + else if (pcap_strcasecmp(action, "drop") == 0 || + pcap_strcasecmp(action, "block") == 0) + return (PF_DROP); + else { + bpf_error("unknown PF action"); + /*NOTREACHED*/ + } +} +#else /* !HAVE_NET_PFVAR_H */ +static int +pfreason_to_num(const char *reason) +{ + bpf_error("libpcap was compiled on a machine without pf support"); + /*NOTREACHED*/ +} + +static int +pfaction_to_num(const char *action) +{ + bpf_error("libpcap was compiled on a machine without pf support"); + /*NOTREACHED*/ +} +#endif /* HAVE_NET_PFVAR_H */ %} %union { @@ -351,28 +399,10 @@ pfvar: PF_IFNAME ID { $$ = gen_pf_ifname($2); } ; reason: NUM { $$ = $1; } - | ID { const char *reasons[] = PFRES_NAMES; - int i; - for (i = 0; reasons[i]; i++) { - if (pcap_strcasecmp($1, reasons[i]) == 0) { - $$ = i; - break; - } - } - if (reasons[i] == NULL) - bpf_error("unknown PF reason"); - } + | ID { $$ = pfreason_to_num($1); } ; -action: ID { if (pcap_strcasecmp($1, "pass") == 0 || - pcap_strcasecmp($1, "accept") == 0) - $$ = PF_PASS; - else if (pcap_strcasecmp($1, "drop") == 0 || - pcap_strcasecmp($1, "block") == 0) - $$ = PF_DROP; - else - bpf_error("unknown PF action"); - } +action: ID { $$ = pfaction_to_num($1); } ; relop: '>' { $$ = BPF_JGT; } diff --git a/contrib/libpcap-0.9/optimize.c b/contrib/libpcap-0.9/optimize.c index 1502ab15ee..d39273b2aa 100644 --- a/contrib/libpcap-0.9/optimize.c +++ b/contrib/libpcap-0.9/optimize.c @@ -22,7 +22,7 @@ */ #ifndef lint static const char rcsid[] _U_ = - "@(#) $Header: /tcpdump/master/libpcap/optimize.c,v 1.85.2.2 2007/07/15 19:55:04 guy Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/libpcap/optimize.c,v 1.85.2.3 2007/09/12 21:29:45 guy Exp $ (LBL)"; #endif #ifdef HAVE_CONFIG_H @@ -1972,7 +1972,7 @@ opt_init(root) */ unMarkAll(); n = count_blocks(root); - blocks = (struct block **)malloc(n * sizeof(*blocks)); + blocks = (struct block **)calloc(n, sizeof(*blocks)); if (blocks == NULL) bpf_error("malloc"); unMarkAll(); @@ -1980,14 +1980,14 @@ opt_init(root) number_blks_r(root); n_edges = 2 * n_blocks; - edges = (struct edge **)malloc(n_edges * sizeof(*edges)); + edges = (struct edge **)calloc(n_edges, sizeof(*edges)); if (edges == NULL) bpf_error("malloc"); /* * The number of levels is bounded by the number of nodes. */ - levels = (struct block **)malloc(n_blocks * sizeof(*levels)); + levels = (struct block **)calloc(n_blocks, sizeof(*levels)); if (levels == NULL) bpf_error("malloc"); @@ -2034,8 +2034,8 @@ opt_init(root) * we'll need. */ maxval = 3 * max_stmts; - vmap = (struct vmapinfo *)malloc(maxval * sizeof(*vmap)); - vnode_base = (struct valnode *)malloc(maxval * sizeof(*vnode_base)); + vmap = (struct vmapinfo *)calloc(maxval, sizeof(*vmap)); + vnode_base = (struct valnode *)calloc(maxval, sizeof(*vnode_base)); if (vmap == NULL || vnode_base == NULL) bpf_error("malloc"); } diff --git a/contrib/libpcap-0.9/pcap-bpf.h b/contrib/libpcap-0.9/pcap-bpf.h index aae7b56525..62c493b276 100644 --- a/contrib/libpcap-0.9/pcap-bpf.h +++ b/contrib/libpcap-0.9/pcap-bpf.h @@ -37,7 +37,7 @@ * * @(#)bpf.h 7.1 (Berkeley) 5/7/91 * - * @(#) $Header: /tcpdump/master/libpcap/pcap-bpf.h,v 1.34.2.20 2007/07/19 06:20:53 guy Exp $ (LBL) + * @(#) $Header: /tcpdump/master/libpcap/pcap-bpf.h,v 1.34.2.24 2007/09/19 02:52:12 guy Exp $ (LBL) */ /* @@ -132,7 +132,7 @@ struct bpf_version { #define DLT_AX25 3 /* Amateur Radio AX.25 */ #define DLT_PRONET 4 /* Proteon ProNET Token Ring */ #define DLT_CHAOS 5 /* Chaos */ -#define DLT_IEEE802 6 /* IEEE 802 Networks */ +#define DLT_IEEE802 6 /* 802.5 Token Ring */ #define DLT_ARCNET 7 /* ARCNET, with BSD-style header */ #define DLT_SLIP 8 /* Serial Line IP */ #define DLT_PPP 9 /* Point-to-point Protocol */ @@ -707,6 +707,40 @@ struct bpf_version { */ #define DLT_SITA 196 +/* + * Various link-layer types, with a pseudo-header, for Endace DAG cards; + * encapsulates Endace ERF records. Requested by Stephen Donnelly + * . + */ +#define DLT_ERF 197 + +/* + * Special header prepended to Ethernet packets when capturing from a + * u10 Networks board. Requested by Phil Mulholland + * . + */ +#define DLT_RAIF1 198 + +/* + * IPMB packet for IPMI, beginning with the I2C slave address, followed + * by the netFn and LUN, etc.. Requested by Chanthy Toeung + * . + */ +#define DLT_IPMB 199 + +/* + * Juniper-private data link type, as per request from + * Hannes Gredler . + * The DLT_ is used for capturing data on a secure tunnel interface. + */ +#define DLT_JUNIPER_ST 200 + +/* + * Bluetooth HCI UART transport layer (part H:4), with pseudo-header + * that includes direction information; requested by Paolo Abeni. + */ +#define DLT_BLUETOOTH_HCI_H4_WITH_PHDR 201 + /* * The instruction encodings. diff --git a/contrib/libpcap-0.9/pcap.c b/contrib/libpcap-0.9/pcap.c index 05ba1418c4..0822e1adf0 100644 --- a/contrib/libpcap-0.9/pcap.c +++ b/contrib/libpcap-0.9/pcap.c @@ -33,7 +33,7 @@ #ifndef lint static const char rcsid[] _U_ = - "@(#) $Header: /tcpdump/master/libpcap/pcap.c,v 1.88.2.17 2007/06/22 06:43:58 guy Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/libpcap/pcap.c,v 1.88.2.19 2007/09/19 02:50:52 guy Exp $ (LBL)"; #endif #ifdef HAVE_CONFIG_H @@ -240,7 +240,7 @@ pcap_list_datalinks(pcap_t *p, int **dlt_buffer) **dlt_buffer = p->linktype; return (1); } else { - *dlt_buffer = (int*)malloc(sizeof(**dlt_buffer) * p->dlt_count); + *dlt_buffer = (int*)calloc(sizeof(**dlt_buffer), p->dlt_count); if (*dlt_buffer == NULL) { (void)snprintf(p->errbuf, sizeof(p->errbuf), "malloc: %s", pcap_strerror(errno)); @@ -817,7 +817,7 @@ pcap_close(pcap_t *p) #ifdef HAVE_VERSION_H #include "version.h" #else -static const char pcap_version_string[] = "libpcap version 0.9.7"; +static const char pcap_version_string[] = "libpcap version 0.9.8"; #endif #ifdef WIN32 diff --git a/contrib/libpcap-0.9/savefile.c b/contrib/libpcap-0.9/savefile.c index b8658502c0..e5a540315f 100644 --- a/contrib/libpcap-0.9/savefile.c +++ b/contrib/libpcap-0.9/savefile.c @@ -30,7 +30,7 @@ #ifndef lint static const char rcsid[] _U_ = - "@(#) $Header: /tcpdump/master/libpcap/savefile.c,v 1.126.2.27 2007/07/19 06:20:53 guy Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/libpcap/savefile.c,v 1.126.2.30 2007/08/14 20:57:49 guy Exp $ (LBL)"; #endif #ifdef HAVE_CONFIG_H @@ -530,6 +530,27 @@ static const char rcsid[] _U_ = */ #define LINKTYPE_SITA 196 +/* + * Various link-layer types, with a pseudo-header, for Endace DAG cards; + * encapsulates Endace ERF records. Requested by Stephen Donnelly + * . + */ +#define LINKTYPE_ERF 197 + +/* + * Special header prepended to Ethernet packets when capturing from a + * u10 Networks board. Requested by Phil Mulholland + * . + */ +#define LINKTYPE_RAIF1 198 + +/* + * IPMB packet for IPMI, beginning with the I2C slave address, followed + * by the netFn and LUN, etc.. Requested by Chanthy Toeung + * . + */ +#define LINKTYPE_IPMB 199 + static struct linktype_map { int dlt; @@ -781,6 +802,15 @@ static struct linktype_map { /* Various link-layer types for SITA */ { DLT_SITA, LINKTYPE_SITA }, + /* Various link-layer types for Endace */ + { DLT_ERF, LINKTYPE_ERF }, + + /* Special header for u10 Networks boards */ + { DLT_RAIF1, LINKTYPE_RAIF1 }, + + /* IPMB */ + { DLT_IPMB, LINKTYPE_IPMB }, + { -1, -1 } }; -- 2.41.0