tcpdump mailing list archives
Re: (another) bug in the BPF compiler (wireless)
From: "Gianluca Varenni" <gianluca.varenni () cacetech com>
Date: Mon, 26 Nov 2007 10:51:38 -0800
----- Original Message ----- From: "Arien Vijn" <arien.vijn () ams-ix net>
To: <tcpdump-workers () lists tcpdump org> Cc: "Arien Vijn" <arien.vijn () ams-ix net> Sent: Monday, November 26, 2007 10:13 AM Subject: Re: [tcpdump-workers] (another) bug in the BPF compiler (wireless)
Hi, On 26 Nov 2007, at 19:05, Gianluca Varenni wrote:I don't know what the status of the libpcap 1.0/tcpdump 4.0 release is, but I'd like to hold on the release for a day or so.I've just found (another) bug in the BPF compiler for wireless link types. A simple filter like "link src host 11:22:33:44:55:66" seems to discard all the packets.Although I do not know much about wireless but in ethernet this would be source multicast, which is prohibited.
That was just a dummy address I wrote (i could have written xx:xx:xx:xx:xx:xx).
The problem is related to the fact that the BPF code is picking the wrong address: when ToDS=0, fromDS=1 and it's a data frame, link src host picks the BSSID instead of the Source address.
GV
Kind regards, Arien - This is the tcpdump-workers list.Visit https://cod.sandelman.ca/ to unsubscribe.
- This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- (another) bug in the BPF compiler (wireless) Gianluca Varenni (Nov 26)
- Re: (another) bug in the BPF compiler (wireless) Arien Vijn (Nov 26)
- Re: (another) bug in the BPF compiler (wireless) Gianluca Varenni (Nov 26)
- Re: (another) bug in the BPF compiler (wireless) Bruce Keats (Nov 26)
- Re: (another) bug in the BPF compiler (wireless) Gianluca Varenni (Nov 26)
- Re: (another) bug in the BPF compiler (wireless) Gianluca Varenni (Nov 26)
- Re: (another) bug in the BPF compiler (wireless) Arien Vijn (Nov 26)