tcpdump mailing list archives

Patch for Hex display changes


From: Kevin Johnson <kjohnson () secureideas net>
Date: Wed, 2 Aug 2006 21:16:46 -0400

Hi-

First, I would like to thank you all for continuing to support tcpdump. It has saved my rear a number of times.

I have attached a patch inline below that adds a configure option for how to display the hex when you are displaying both the hex and the ascii. There is a pretty long story as to why myself and James Fields did this patch. Basically it boils down to the fact that tcpdump currently displays the hex twice as wide per line as every book or document we have ever seen. Specifically the TCP/IP Handbook on the SANS website ( http://www.sans.org/resources/tcpip.pdf ) is the model we used. Now personally we do not have a problem doing the translation when we are working with both, but we have heard a number of times, and have whined about it ourselves, why doesn't it work the same way? So in a moment of boredom and rare free time, we created the below patch. It basically adds a --with-sans option to the configure script. If you do not use this it will continue to display the hex the way it does currently. If you do use it, the display will work the way the documents we have seen display it.

Any feedback is welcome.
Kevin Johnson and James Fields
kjohnson () secureideas net and james.v.fields () gmail com


-----------------------------------------------------------------------

diff -Naur tcpdump-3.9.4/Makefile.in tcpdump-3.9.4.sans/Makefile.in
--- tcpdump-3.9.4/Makefile.in   2005-09-20 02:05:36.000000000 -0400
+++ tcpdump-3.9.4.sans/Makefile.in      2006-07-25 16:24:27.000000000 -0400
@@ -45,6 +45,8 @@
INCLS = -I. @V_INCLS@
DEFS = @DEFS@ @CPPFLAGS@ @V_DEFS@
+DFLAGS = @DFLAGS@
+
# Standard CFLAGS
CFLAGS = $(CCOPT) $(DEFS) $(INCLS)
@@ -124,7 +126,7 @@
$(PROG): $(OBJ) @V_PCAPDEP@
        @rm -f $@
-       $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(OBJ) $(LIBS)
+       $(CC) $(CFLAGS) $(LDFLAGS) $(DFLAGS) -o $@ $(OBJ) $(LIBS)
datalinks.o: $(srcdir)/missing/datalinks.c
        $(CC) $(CFLAGS) -o $@ -c $(srcdir)/missing/datalinks.c
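
Review bot: $(DFLAGS) is added only to the link rule for $(PROG), where a -D preprocessor define has no effect because the files in $(OBJ) are already compiled. CFLAGS is still $(CCOPT) $(DEFS) $(INCLS), so -DSANS never reaches the compile of print-ascii.c through this variable. Either append $(DFLAGS) to CFLAGS, or drop DFLAGS altogether and rely on the AC_DEFINE(SANS) in configure.in.
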
diff -Naur tcpdump-3.9.4/acconfig.h tcpdump-3.9.4.sans/acconfig.h
--- tcpdump-3.9.4/acconfig.h    2005-06-03 18:10:15.000000000 -0400
+++ tcpdump-3.9.4.sans/acconfig.h       2006-07-25 22:53:22.000000000 -0400
@@ -2,6 +2,12 @@
  * make them to acconfig.h and rerun autoheader */
@TOP@
+/* Define if you would like to use SANS style hex display */
+#undef SANS
+
+/* Define if you would like to have colorized hex output. */
+#undef COLORHEX
+
/* Define if you have SSLeay 0.9.0b with the buggy cast128. */
#undef HAVE_BUGGY_CAST128
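
Review bot: the COLORHEX template added here has no counterpart in the rest of the posted patch: configure.in adds only --with-sans and never defines COLORHEX, and the visible part of the print-ascii.c hunk tests only SANS. Drop the COLORHEX lines from this patch, or include the configure option and the code that consume them.
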
diff -Naur tcpdump-3.9.4/configure.in tcpdump-3.9.4.sans/configure.in
--- tcpdump-3.9.4/configure.in  2005-09-21 12:50:01.000000000 -0400
+++ tcpdump-3.9.4.sans/configure.in     2006-07-25 22:53:22.000000000 -0400
@@ -121,6 +121,34 @@
        ;;
esac
+AC_ARG_WITH(sans,
+ [  --with-sans   Display SANS Style Hex ]
+   )
+AC_MSG_CHECKING([is SANS style hex is wanted])
+case "$withval" in
+yes)   AC_DEFINE(SANS)
+       AC_MSG_RESULT(yes)
+       DFLAGS="-DSANS $DFLAGS"
+       ;;
+*)     AC_MSG_RESULT(no)
+       ;;
+esac
+
AC_ARG_WITH(user, [ --with-user=USERNAME drop privileges by default to USERNAME])
AC_MSG_CHECKING([whether to drop root privileges by default])
if test ! -z "$with_user" ; then
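
Review bot: the added case statement tests "$withval", but AC_ARG_WITH(sans, ...) is called without an action and the test sits outside the macro, so "$withval" holds whatever the last --with option processed before this point left in it, or nothing at all. Test "$with_sans" instead, the same way the --with-user check just below uses "$with_user". The AC_MSG_CHECKING text "is SANS style hex is wanted" should read "whether SANS style hex is wanted", and DFLAGS="-DSANS $DFLAGS" duplicates what AC_DEFINE(SANS) already provides while also picking up any DFLAGS value from the environment.
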
@@ -975,6 +1003,7 @@
AC_SUBST(V_INCLS)
AC_SUBST(V_PCAPDEP)
AC_SUBST(LOCALSRC)
+AC_SUBST(DFLAGS)
AC_PROG_INSTALL
diff -Naur tcpdump-3.9.4/print-ascii.c tcpdump-3.9.4.sans/print-ascii.c
--- tcpdump-3.9.4/print-ascii.c 2005-07-06 16:54:49.000000000 -0400
+++ tcpdump-3.9.4.sans/print-ascii.c    2006-07-25 22:59:02.000000000 -0400
@@ -49,8 +49,17 @@
#include "interface.h"
+
#define ASCII_LINELENGTH 300
-#define HEXDUMP_BYTES_PER_LINE 16
+#ifdef SANS
+       #define HEXDUMP_BYTES_PER_LINE 8
+#endif
+#ifndef SANS
+       #define HEXDUMP_BYTES_PER_LINE 16
+#endif
#define HEXDUMP_SHORTS_PER_LINE (HEXDUMP_BYTES_PER_LINE / 2)
#define HEXDUMP_HEXSTUFF_PER_SHORT 5 /* 4 hex digits and a space */
#define HEXDUMP_HEXSTUFF_PER_LINE \
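
Review bot: the two back-to-back conditionals around HEXDUMP_BYTES_PER_LINE (#ifdef SANS ... #endif followed by #ifndef SANS ... #endif) should be a single #ifdef SANS / #else / #endif, so exactly one definition is always selected and the pair cannot drift apart. The blank line added after #include "interface.h" is unrelated whitespace and can be dropped. The hunk as posted stops at the continuation line of HEXDUMP_HEXSTUFF_PER_LINE, so the remainder of the print-ascii.c change cannot be reviewed from this message.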
