Bug 6725 - tcpdump ignores /etc/protocols
Summary: tcpdump ignores /etc/protocols
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: tcpdump
Version: 6.1
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Harald Hoyer
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 1999-11-04 16:51 UTC by B. K. Oxley (binkley)
Modified: 2008-05-01 15:37 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 1999-12-22 14:48:20 UTC
Embargoed:

Attachments (Terms of Use)

Description B. K. Oxley (binkley) 1999-11-04 16:51:36 UTC 
RedHat's enhanced tcpdump ignores /etc/protocols; it has
hard-coded strings for the protocol names it recognizes: all
others are only accepted by number.  To fix:

#include <netdb.h>

Then, update eth_p_parse:

	if (!strcmp(id, "x25"))
		return htons(ETH_P_X25);

        /* Check for protocol in /etc/protocols: */
	if (pe = getprotobyname (id))
	  return htons (pe->p_proto);

	return htons(atoi(id));

libpcap seems to already do this it seems.


--binkley
Comment 1 Jeff Johnson 1999-12-22 14:48:59 UTC 
Fixed in tcpdump-3.4-17. Thanks for the patch.
Comment 2 richard.wittmer 2000-01-13 15:03:59 UTC 
I have seen this problem in my lab (at least its seems to be the same thing).
I have had to move a machine in my lab back to 6.0 to get a reliable tcpdump.
I'd love to try the fixed version, but i'm at a loss as to where I would find
the tcpdump-3.4-17 package. Can you let me know where it is? Thanks.

Rich
Comment 3 Jeff Johnson 2000-01-13 15:30:59 UTC 
ftp://rawhide.redhat.com/pub/rawhide
Note You need to log in before you can comment on or make changes to this bug.