Commits on Jul 9, 2016
Commits on Jul 4, 2016
  1. OSPF: Do more bounds checking

    fxlb committed Jul 4, 2016
  2. OSPF: Fix printing 'ospf_topology_values' default

    Fix spaces in ospf_topology_values[]
    fxlb committed Jul 4, 2016
  3. RSVP: Add a bounds check

    fxlb committed Jul 4, 2016
Commits on Jul 1, 2016
  1. Don't use strcasecmp(), use ascii_strcasecmp().

    Not all platforms have strcasecmp() (yes, it's in the Single UNIX
    Specification, but not all platforms are UNIX or even UN*X; there's some
    obscure company in Redmond, Washington who have an OS on which we run),
    and on those that do, there's no guarantee that strcasecmp() will treate
    A-Z and a-z as being equivalent ("I" and "i" aren't equivalent in a
    Turkish locale, for example).
    Fix indentation while we're at it.
    guyharris committed Jul 1, 2016
Commits on Jun 30, 2016
  1. Merge pull request #526 from superjamie/Cflag-Wflag-nonzero

    Don't accept zero -C or -W options
    guyharris committed on GitHub Jun 30, 2016
Commits on Jun 29, 2016
  1. Don't accept zero -C or -W options

    Rolling over into zero filesize makes no sense. Creating a rotating
    buffer of zero files makes no sense.
    Modify the checks for -C and -W to accept greater than one, not greater
    than zero.
    Signed-off-by: Jamie Bainbridge <>
    superjamie committed on GitHub Jun 29, 2016
Commits on Jun 27, 2016
  1. Squelch a compiler warning.

    It may not be necessary, but it makes the code a bit cleaner, even if
    you spend a few extra microseconds per file fetching the name of the
    link-layer header type even if the new file has the same header type.
    guyharris committed Jun 27, 2016
Commits on Jun 23, 2016
  1. Minor coding style tweak.

    guyharris committed Jun 23, 2016
  2. Handle OpenSSL 1.1.x.

    In 1.1.x, EVP_CIPHER_CTX is an opaque structure, so we can't declare it
    on the stack.
    Instead, if we don't have EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free()
    in libcrypto, define our own versions, with the same signatures as the
    ones in OpenSSL 1.1.x's libcrypto, and have the code use
    EVP_CIPHER_CTX_new() to allocate the structure and EVP_CIPHER_CTX_free()
    to free it.
    guyharris committed Jun 23, 2016
Commits on Jun 2, 2016
Commits on May 16, 2016
  1. Merge pull request #519 from dionbosschieter/updatePostrotateCommandH…

    Change -z command help text to -z postrotate-command
    guyharris committed May 16, 2016
  2. Change -z command help text to -z postrotate-command

    Dion Bosschieter committed May 16, 2016
Commits on Apr 26, 2016
  1. update CREDITS

    infrastation committed Apr 26, 2016
  2. Merge pull request #515 from adarqui/typos

    Just fixes a few typos and grammatical issues
    guyharris committed Apr 26, 2016
  3. Just fixes a few typos and grammatical issues:

    - informations/Information
    - the the
    - usefull/useful
    - optionnal/optional
    - your/you
    adarqui committed Apr 26, 2016
  4. Use strtol(), not atoi(), to parse integral values.

    strtol()'s error behavior is standardized; atoi()'s isn't.
    guyharris committed Apr 26, 2016
  5. Initial support for the REdis Serialization Protocol known as RESP.

    This commit adds support for RESP as defined in:
    It also supports inline commands and pipelining. Due to the popularity of RESP,
    numerous services are emerging that use this protocol. You may decode RESP packets
    on arbitrary ports using the "-T resp" option.
    Example captures can be found in tests/resp_*.
    A simple way to test this parser is to start redis-server and then run
    redis-cli commands such as "redis-cli set key value".
    Traditionally, redis-cli monitor is used to debug redis. Unfortunately,
    the "monitor" command can cause significant load on a redis-server in
    production. This parser may be used as a non-invasive alternative to
    redis-cli monitor.
    adarqui committed with fxlb Jan 12, 2016
Commits on Apr 14, 2016
  1. Squelch a signed vs. unsigned comparison warning.

    uint8_t + int constant = int; make the constant unsigned.
    guyharris committed Apr 14, 2016
Commits on Mar 25, 2016
  1. Clean up version test.

    !(nfhdr->nflog_version) is equivalent to (nfhdr->nflog_version == 0).
    That will evaluate to 1 if nfhdr->nflog_version is 0 and to 0 otherwise.
    So !(nfhdr->nflog_version) == 0 is equivalent to nfhdr->nflog_version != 0,
    but 1) it's more obvious what it means and 2) compilers don't point out
    that it may not mean what you intended.
    guyharris committed Mar 25, 2016
  2. Make sure the length of the header is valid.

    It must be at least 2, as it includes the lengths of the Base and
    Service Path headers, and those are always present.
    guyharris committed Mar 25, 2016
Commits on Mar 22, 2016
  1. Add printing function for Generic Protocol Extension for VXLAN

    and Network Service Header.
    This code stands for following internet drafts:
    - VXLAN GPE: draft-ietf-nvo3-vxlan-gpe-01
    - NSH: draft-ietf-sfc-nsh-01
    bugyo committed with fxlb Nov 15, 2015
Commits on Mar 20, 2016
  1. We have to set the filter on every new file.

    Even if we haven't recompiled the filter, because the new file has the
    same DLT as the old file, we still need to apply it to the new file.
    guyharris committed Mar 20, 2016
  2. Don't recompile the filter if the new file has the same DLT.

    Only recompile the filter - and only find a new printer and a new DLT
    name - if, when reading multiple files with the -V flag, the new file
    has a different DLT value from the old file.  With lots of small files,
    that can make a significant performance difference.
    Addresses GitHub issue #508.
    guyharris committed Mar 20, 2016
Commits on Feb 13, 2016
  1. Have one switch statement, not two, for radiotap fields.

    Merge the two switch statements.
    Use local variables, for each case, for the subfields, while we're at
    guyharris committed Feb 13, 2016
  2. Don't overwrite the destination IPv6 address for routing headers.

    If we have a routing header, instead of overwriting the packet's IPv6
    destination address in the packet with the final destination, so that
    the next protocol's checksum routine can use it, we do as we do for
    IPv4, and, in the "next protocol checksum" routine, scan the headers
    looking for a routing header and, if we find one, copy the final
    destination from it.
    While we're at it, clean up a few things.
    guyharris committed Feb 13, 2016
  3. Pass an adjusted struct pcap_pkthdr to the sub-printer.

    The caplen and len of the packet it's printing must be reduced by the
    length of the PPI header.
    guyharris committed Feb 13, 2016
  4. Add some packet-length checks.

    guyharris committed Feb 13, 2016
Commits on Feb 12, 2016
Commits on Feb 6, 2016
  1. Add three test cases for already fixed CVEs

    CVEs by Steffen Bauch
    CVE-2014-8767: OLSR
    CVE-2014-8768: Geonet
    CVE-2014-8769: AODV
    fxlb committed Feb 6, 2016
Commits on Jan 31, 2016
  1. VXLAN: Add a bound check

    Add and use tstr[].
    Add and use VXLAN_HDR_LEN.
    fxlb committed Jan 31, 2016