From owner-freebsd-current@FreeBSD.ORG Sun Oct 3 11:04:37 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0E12E16A4CE for ; Sun, 3 Oct 2004 11:04:37 +0000 (GMT) Received: from mproxy.gmail.com (rproxy.gmail.com [64.233.170.195]) by mx1.FreeBSD.org (Postfix) with ESMTP id B658743D1F for ; Sun, 3 Oct 2004 11:04:36 +0000 (GMT) (envelope-from raphaelr@gmail.com) Received: by mproxy.gmail.com with SMTP id 74so124589rnk for ; Sun, 03 Oct 2004 04:04:36 -0700 (PDT) Received: by 10.38.208.53 with SMTP id f53mr4715230rng; Sun, 03 Oct 2004 04:04:36 -0700 (PDT) Received: by 10.38.162.46 with HTTP; Sun, 3 Oct 2004 04:04:36 -0700 (PDT) Message-ID: <3f030e4204100304043ef4b8f@mail.gmail.com> Date: Sun, 3 Oct 2004 13:04:36 +0200 From: "Raphael R." To: freebsd-current@freebsd.org Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_Part_221_16269327.1096801476179" cc: bms@spc.org Subject: tcpdump -tttt option loses timezone X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: "Raphael R." List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 03 Oct 2004 11:04:37 -0000 ------=_Part_221_16269327.1096801476179 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Disposition: inline The -tttt option doesn't use timezone, the time is always GMT: # tcpdump -n -tttt 06/13/2004 13:31:35.758527 192.168.2.1 > 192.168.2.254: icmp: echo request 06/13/2004 13:31:35.758684 192.168.2.254 > 192.168.2.1: icmp: echo reply without time option, I have: # tcpdump -n 15:31:30.808613 192.168.2.1 > 192.168.2.254: icmp: echo request 15:31:30.808769 192.168.2.254 > 192.168.2.1: icmp: echo reply The reason is quite simple (based on 3.8.3 source code) in tcpdump.c: .... int tflag = 1; /* print packet arrival time */ .... .... case 't': --tflag; break; .... .... if (tflag > 0) thiszone = gmt2local(0); .... if -tttt option is enabled gmt2local isn't called and thiszone is alway equals to 0. I've provided a patch: --- tcpdump.c.orig Sun Jun 13 15:50:49 2004 +++ tcpdump.c Sun Jun 13 15:56:42 2004 @@ -615,7 +615,7 @@ /* NOTREACHED */ } - if (tflag > 0) + if ((tflag > 0) || (tflag == -3)) thiszone = gmt2local(0); if (RFileName != NULL) { Another solution is to remove the "if (tflag > 0)" test. This bug was discovered on FreeBSD 5.2.1 (tcpdump 3.7.2 + multidlt) with but apply to all others platforms. This bug is now fixed on branch tcpdump_3_8 and HEAD on tcpdump CVS. I hope that it can be fixed before the 5.3-RELEASE. Raphael Raimbault. ------=_Part_221_16269327.1096801476179 Content-Type: application/octet-stream; name="tcpdump.c.patch" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="tcpdump.c.patch" LS0tIHRjcGR1bXAuYy5vcmlnCVN1biBKdW4gMTMgMTU6NTA6NDkgMjAwNAorKysgdGNwZHVtcC5j CVN1biBKdW4gMTMgMTY6MDU6MzQgMjAwNApAQCAtNjE1LDcgKzYxNSw3IEBACiAJCQkvKiBOT1RS RUFDSEVEICovCiAJCX0KIAotCWlmICh0ZmxhZyA+IDApCisJaWYgKCh0ZmxhZyA+IDApIHx8ICh0 ZmxhZyA9PSAtMykpCiAJCXRoaXN6b25lID0gZ210MmxvY2FsKDApOwogCiAJaWYgKFJGaWxlTmFt ZSAhPSBOVUxMKSB7Cg== ------=_Part_221_16269327.1096801476179--