Date: Fri, 11 Aug 1995 15:23:46 -0400 (EDT) From: Robin Cutshaw <robin@intercore.com> To: current@freebsd.org Subject: speaking of tcpdump Message-ID: <199508111923.PAA25640@intercore.com>
next in thread | raw e-mail | index | archive | help
Which reminds me...
I use tcpdump pretty extensively as a network tool and wanted to see
both ascii and hex for full packet dumps (and I know about the -D
option on some versions). Here's a patch that will give the network
problem solver a much better look at what's going on (IMHO). Turn
it on by using "-x -x" on the command line (kinda hidden, huh?).
I'm not advocating that this should be included in the default tcpdump
(especially with the security rammifications) but I thought the
developers here might find it useful.
robin
*** tcpdump.c.ORIG Sat Jul 22 17:45:55 1995
--- tcpdump.c Sat Jul 22 17:47:00 1995
***************
*** 351,401 ****
exit(0);
}
- /* Like default_print() but data need not be aligned */
void
! default_print_unaligned(register const u_char *cp, register int length)
{
! register u_int i, s;
! register int nshorts;
!
! nshorts = (u_int) length / sizeof(u_short);
! i = 0;
! while (--nshorts >= 0) {
! if ((i++ % 8) == 0)
! (void)printf("\n\t\t\t");
! s = *cp++;
! (void)printf(" %02x%02x", s, *cp++);
! }
! if (length & 1) {
! if ((i % 8) == 0)
! (void)printf("\n\t\t\t");
! (void)printf(" %02x", *cp);
! }
}
void
default_print(register const u_char *bp, register int length)
{
- register const u_short *sp;
register u_int i;
! register int nshorts;
- if ((int)bp & 1) {
- default_print_unaligned(bp, length);
- return;
- }
- sp = (u_short *)bp;
- nshorts = (u_int) length / sizeof(u_short);
i = 0;
! while (--nshorts >= 0) {
! if ((i++ % 8) == 0)
! (void)printf("\n\t\t\t");
! (void)printf(" %04x", ntohs(*sp++));
}
! if (length & 1) {
! if ((i % 8) == 0)
! (void)printf("\n\t\t\t");
! (void)printf(" %02x", *(u_char *)sp);
}
}
--- 351,400 ----
exit(0);
}
void
! default_print_unaligned(register const u_char *bp, register int length)
{
! default_print(bp, length);
}
void
default_print(register const u_char *bp, register int length)
{
register u_int i;
! register u_char *xbufp, *abufp, *cp, c;
! u_char xbuf[16*3+1], abuf[16+1];
i = 0;
! xbufp = xbuf;
! abufp = abuf;
! cp = bp;
! while (i < length) {
! c = *cp >> 4;
! *xbufp++ = (c > 9) ? ((c-10)+'a') : (c+'0');
! c = *cp & (u_char )0x0f;
! *xbufp++ = (c > 9) ? ((c-10)+'a') : (c+'0');
! *xbufp++ = ' ';
! c = *cp++;
! *abufp++ = isprint(c) ? c : '.';
! i++;
! if ((i != 1) && ((i % 16) == 0)) {
! *xbufp++ = '\0';
! *abufp++ = '\0';
! if (xflag > 1)
! (void)printf("\n\t%-48s |%-16s|", xbuf, abuf);
! else
! (void)printf("\n\t%-48s", xbuf);
! xbufp = xbuf;
! abufp = abuf;
! }
}
! if ((i % 16) != 0) {
! *xbufp++ = '\0';
! *abufp++ = '\0';
! if (xflag > 1)
! (void)printf("\n\t%-48s |%-16s|", xbuf, abuf);
! else
! (void)printf("\n\t%-48s", xbuf);
}
}
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199508111923.PAA25640>