tcpdump mailing list archives
Re: (another) bug in the BPF compiler (wireless)
From: "Gianluca Varenni" <gianluca.varenni () cacetech com>
Date: Mon, 26 Nov 2007 13:19:54 -0800
That was the bug. I've committed the patch to both HEAD and the libpcap_1_0 branch.
Thanks for the fix! Have a nice day GV----- Original Message ----- From: "Bruce Keats" <brucekeats () gmail com>
To: <tcpdump-workers () lists tcpdump org> Cc: "Arien Vijn" <arien.vijn () ams-ix net> Sent: Monday, November 26, 2007 11:26 AM Subject: Re: [tcpdump-workers] (another) bug in the BPF compiler (wireless)
I found a bug awhile ago related to SRC MAC for wireless networks. The code is missing the assigment to struct slist *s, so this might be your bug. I have attached the diff you can try it out. BruceOn Nov 26, 2007 1:51 PM, Gianluca Varenni <gianluca.varenni () cacetech com> wrote:----- Original Message ----- From: "Arien Vijn" <arien.vijn () ams-ix net> To: <tcpdump-workers () lists tcpdump org> Cc: "Arien Vijn" <arien.vijn () ams-ix net> Sent: Monday, November 26, 2007 10:13 AMSubject: Re: [tcpdump-workers] (another) bug in the BPF compiler (wireless)> Hi, > > On 26 Nov 2007, at 19:05, Gianluca Varenni wrote: >>> I don't know what the status of the libpcap 1.0/tcpdump 4.0 release >> is,>> but I'd like to hold on the release for a day or so. >> >> I've just found (another) bug in the BPF compiler for wireless link>> types. A simple filter like "link src host 11:22:33:44:55:66" seems >> to>> discard all the packets. >> Although I do not know much about wireless but in ethernet this would > be> source multicast, which is prohibited. That was just a dummy address I wrote (i could have written xx:xx:xx:xx:xx:xx). The problem is related to the fact that the BPF code is picking the wrong address: when ToDS=0, fromDS=1 and it's a data frame, link src host picks the BSSID instead of the Source address. GV > > Kind regards, Arien > > - > This is the tcpdump-workers list. > Visit https://cod.sandelman.ca/ to unsubscribe. - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.- This is the tcpdump-workers list.Visit https://cod.sandelman.ca/ to unsubscribe.
- This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- (another) bug in the BPF compiler (wireless) Gianluca Varenni (Nov 26)
- Re: (another) bug in the BPF compiler (wireless) Arien Vijn (Nov 26)
- Re: (another) bug in the BPF compiler (wireless) Gianluca Varenni (Nov 26)
- Re: (another) bug in the BPF compiler (wireless) Bruce Keats (Nov 26)
- Re: (another) bug in the BPF compiler (wireless) Gianluca Varenni (Nov 26)
- Re: (another) bug in the BPF compiler (wireless) Gianluca Varenni (Nov 26)
- Re: (another) bug in the BPF compiler (wireless) Arien Vijn (Nov 26)