Bug 89672 - tcpflow port not working with local interface, patch provided
Summary: tcpflow port not working with local interface, patch provided
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Sam Lawrance
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-11-28 14:10 UTC by Oles Hnatkevych
Modified: 2005-12-13 05:49 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Oles Hnatkevych 2005-11-28 14:10:05 UTC 
	The tcpflow-0.21 port (the latest) does not work with packets going through local interface, it treats them as invalid packets.

Fix: The file datalink patch below. The patch code is derived from tcpdump sources coming with the system.
	(I'm afraid the removing < > comments also will patch the patch code below, the SWAPLONG definition)


--------------------- cut ------------------------------------------------


#include "tcpflow.h"

+/*
+ * Byte-swap a 32-bit number.
+ * ("htonl()" or "ntohl()" won't work - we want to byte-swap even on
+ * big-endian platforms.)
+ */
+#define SWAPLONG(y) \
+((((y)&0xff)<<24) | (((y)&0xff00)<<8) | (((y)&0xff0000)>>8) | (((y)>>24)&0xff))


 /* The DLT_NULL packet header is 4 bytes long. It contains a network
@@ -71,7 +78,8 @@
 #ifndef DLT_NULL_BROKEN
   /* make sure this is AF_INET */
   memcpy((char *)&family, (char *)p, sizeof(family));
-  family = ntohl(family);
+  // family = ntohl(family);
+  if ((family & 0xFFFF0000) != 0) family = SWAPLONG(family);
   if (family != AF_INET) {
     DEBUG(6) ("warning: received non-AF_INET null frame (type %d)", family);
     return;
--------------------- cut --------------------------------------------------2NDJQ4dzCK1XBoKrCs4aINbzSswlFUlp60HHVbZRA0KMFjYa
Content-Type: text/plain; name="file.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="file.diff"

--- datalink.c.orig     Mon May  9 12:00:38 2005
+++ datalink.c  Mon May  9 12:23:47 2005
@@ -42,6 +42,13 @@
How-To-Repeat: 	Just do it. tcpflow -c -i lo0 won't show anything.
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2005-11-28 22:43:05 UTC 
Maintainer of net/tcpflow,

Please note that PR ports/89672 has just been submitted.

If it contains a patch for an upgrade, an enhancement or a bug fix
you agree on, reply to this email stating that you approve the patch
and a committer will take care of it.

The full text of the PR can be found at:
    http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/89672

-- 
Edwin Groothuis
edwin@FreeBSD.org
Comment 2 Edwin Groothuis freebsd_committer freebsd_triage 2005-11-28 22:43:10 UTC 
State Changed
From-To: open->feedback

Awaiting maintainers feedback
Comment 3 Sam Lawrance freebsd_committer freebsd_triage 2005-12-12 04:53:09 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->lawrance

Take
Comment 4 Sam Lawrance freebsd_committer freebsd_triage 2005-12-12 04:56:10 UTC 
On a 6.0 system, tcpflow doesn't show any traffic on lo0 - even with  
the patch.  I haven't got a 4.x system to test on.

Any ideas?
Comment 5 Sam Lawrance freebsd_committer freebsd_triage 2005-12-13 05:37:19 UTC 
State Changed
From-To: feedback->analyzed

Never mind, it was pilot error!  Works great.
Comment 6 Sam Lawrance freebsd_committer freebsd_triage 2005-12-13 05:49:35 UTC 
State Changed
From-To: analyzed->closed

Committed, thanks for the patch!