tcpdump mailing list archives
Re: decode MPLS-contained packets?
From: Gert Doering via tcpdump-workers <tcpdump-workers () lists tcpdump org>
Date: Thu, 7 May 2020 03:12:05 -0400 (EDT)
--- Begin Message --- From: Gert Doering <gert () greenie muc de>
Date: Thu, 7 May 2020 09:13:56 +0200
Hi, On Thu, May 07, 2020 at 08:20:40AM +0200, Francois-Xavier Le Bail wrote:Proposed patch attached. With new '-T mplsethnocw' option to force 'Ethernet without Control Word' decode. (from Francesco Fondelli comment)There's one bug here:+ case 0x00: /* RFC 4448 PW Ethernet Control Word */ + if (ndo->ndo_vflag) { + ND_PRINT("\n\tPW Ethernet Control Word"); + p += 2; + ND_PRINT(", Sequence Number %u", GET_BE_U_2(p)); + p += 2; + } else + ND_PRINT(" PWETHCW"); + p += 4; + length -= 4;Due to missing {}, the "p += 4" will always be executed, skipping the control word twice if "-v" is set. I'd totally leave off printing the "PWETHCW", though. If it's decoding the payload, that is all information I need - if I want more, I can always do "-v". So the code would become: + case 0x00: /* RFC 4448 PW Ethernet Control Word */ + if (ndo->ndo_vflag) { + ND_PRINT("\n\tPW Ethernet Control Word"); + ND_PRINT(", Sequence Number %u", GET_BE_U_2(p+2)); + } + p += 4; + length -= 4; + pt = PT_ETHER; + break; There's something else: + case PT_ETHER: + ether_print(ndo, p, length, ND_BYTES_AVAILABLE_AFTER(bp), NULL, NULL); This might actually be a bug in my original patch, ND_BYTES_AVAILABLE_AFTER() should possibly call "(p)", not "(bp)". Copy-pasted that line from print-gre.c, and only changed the first "bp" to "p. gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany gert () greenie muc de
--- End Message ---
_______________________________________________ tcpdump-workers mailing list tcpdump-workers () lists tcpdump org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Current thread:
- Re: decode MPLS-contained packets?, (continued)
- Re: decode MPLS-contained packets? Guy Harris via tcpdump-workers (May 07)
- Message not available
- Re: decode MPLS-contained packets? Gert Doering via tcpdump-workers (May 07)
- Message not available
- Message not available
- Message not available
- Message not available
- Re: decode MPLS-contained packets? Francois-Xavier Le Bail via tcpdump-workers (May 06)
- Re: decode MPLS-contained packets? Francois-Xavier Le Bail via tcpdump-workers (May 07)
- Re: decode MPLS-contained packets? Guy Harris via tcpdump-workers (May 07)
- Message not available
- Re: decode MPLS-contained packets? Francois-Xavier Le Bail via tcpdump-workers (May 07)
- Re: decode MPLS-contained packets? Gert Doering via tcpdump-workers (May 07)
- Re: decode MPLS-contained packets? Francois-Xavier Le Bail via tcpdump-workers (May 07)
- Message not available
- Re: decode MPLS-contained packets? Francois-Xavier Le Bail via tcpdump-workers (May 08)
- Message not available
- Message not available
- Message not available
- Message not available
- Re: decode MPLS-contained packets? Gert Doering via tcpdump-workers (May 07)
- Re: decode MPLS-contained packets? Gert Doering via tcpdump-workers (May 07)
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Re: decode MPLS-contained packets? Francois-Xavier Le Bail via tcpdump-workers (May 07)