Re: Printing of TCP flags seems incorrect

[Guy Harris <guy () alum mit edu>]

grarpamp wrote:
> Hi. I think I've found this 'none' printf you speak of.

More precisely it's a "none" argument passed to bittok2str_nosep() plus the

        else {
            /* bummer - lets print the "unknown" message as advised in 
the fmt string if we got one */
            if (fmt == NULL)
                fmt = "#%d";
            (void)snprintf(buf, sizeof(buf), fmt, v);
            return (buf);
        }

code at the end of bittok2str_internal().

> However it
> does not appear to be excercised from what I can tell. Not sure
> about that.

To quote RFC 793:

Acknowledgment Number:  32 bits

    If the ACK control bit is set this field contains the value of the
    next sequence number the sender of the segment is expecting to
    receive.  Once a connection is established this is always sent.

so, once a connection is established, there should not be any packets 
with no flags set.  The packets used to establish the connection have 
either SYN, ACK, or both SYN and ACK set, and the packets used to tear 
down the connection have either FIN, ACK, or both FIN and ACK set, so 
I'm not sure when you'd ever see a TCP segment with no flags set.

> However as this code is still in flux [unreleased] and possibly
> amenable to the influence of sanity, I would like to suggest that
> the flags field be kept letter consistant with the bitfield...

Hannes?
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.