Bug 484851 - tcpslice doesn't work on x86_64
tcpslice doesn't work on x86_64
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: tcpdump (Show other bugs)
x86_64 Linux
low Severity medium
: rc
: ---
Assigned To: Miroslav Lichvar
Depends On:
  Show dependency treegraph
Reported: 2009-02-10 05:44 EST by masanari iida
Modified: 2010-03-18 12:18 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2010-03-18 12:18:25 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description masanari iida 2009-02-10 05:44:25 EST
Description of problem:
tcpslice(8) on RHEL4 (x86_64) failed to slice the tcpdump binary file.
Same steps works on RHEL4 (x86)

Version-Release number of selected component (if applicable):

tcpdump-3.8.2-12.el4_6.1 (x86_64)

How reproducible:

Steps to Reproduce:
1. Create tcpdump capture file.
   tcpdump -w mytcpdump.bin   (at least 10sec)

2. Find out timestamp.
   tcpdump -tt -r mytcpdump.bin

1234329816.684648 arp who-has abc (Broadcast) tell xyz

3. Check the time

# tcpslice -d 1234329816.684648 +3 ./mytcpdump.bin
start   1234329816.684648
stop    1234329819.684648

4. Split the file

# tcpslice -w mytcpdump_slice.bin 1234329816.684648 +3 ./mytcpdump.bin
tcpslice: problems finding end packet of file ./mytcpdump.bin

5. See the file

# tcpslice -R ./mytcpdump.bin
tcpslice: couldn't find final packet in file ./mytcpdump.bin

# file /usr/sbin/tcpslice
/usr/sbin/tcpslice: ELF 64-bit LSB executable, AMD x86-64, version 1 (SYSV), for GNU/Linux 2.4.0, dynamically linked (uses shared libs), stripped

Actual results:
tcpslice can not split the file.

Expected results:
tcpslice split the data from original file.
tcpslice can dump timestamps of the first and the last packet.

Additional info:
Same steps works on RHEL4(ia32)
Comment 1 Ondrej Vasik 2010-03-18 12:18:25 EDT
As RHEL-4.9 is last update for RHEL-4 and it is not suitable for new features
and should address only security, performance and critical issues, I'm closing
that bugzilla WONTFIX. If this functionality is still missing in RHEL-5, feel
free to clone that bugzilla against it.

Note You need to log in before you can comment on or make changes to this bug.