tcpdump mailing list archives
patch to allow tcpslice to work with zero and one packet captures
From: Sam Roberts <vieuxtech () gmail com>
Date: Wed, 25 Mar 2009 17:59:54 -0700
Do you all maintain tcpslice? I'm having trouble finding an upstream repo or maintainer for it. tcpslice fails on packet captures with zero or one packet in them. Given an arbitrary set of captures, it is entirely possible that some of them don't have packets or have small numbers of packets. It is not easy to determine how many packets are in a capture, and tcpslice itself will write captures with zero or one packets if that is how many are found in a slice. This is easily reproduceable with tcpslice by running it with -R to find the time of the first/last packet in a capture, then creating slices that have the last packet and no packets. This patch is against 1.2a3-2.1, and is what I submitted to debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521068 This http://www.tcpdump.org/related.html Says TCPslice can also be found in the tcpdump CVS server, as the project tcpslice. But cvs is gone, and it doesn't seem to be in git?
Attachment:
04_zero_and_one_packet_captures.patch
Description:
- This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- patch to allow tcpslice to work with zero and one packet captures Sam Roberts (Mar 25)
- Re: patch to allow tcpslice to work with zero and one packet captures Michael Richardson (Mar 25)
- Re: patch to allow tcpslice to work with zero and Sam Roberts (Mar 30)
- Re: patch to allow tcpslice to work with zero and one packet captures Michael Richardson (Mar 25)