Bug 6725 - tcpdump ignores /etc/protocols
Summary: tcpdump ignores /etc/protocols
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: tcpdump
Version: 6.1
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Harald Hoyer
QA Contact:
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 1999-11-04 16:51 UTC by B. K. Oxley (binkley)
Modified: 2008-05-01 15:37 UTC (History)
1 user (show)

(edit)
Clone Of:
(edit)
Last Closed: 1999-12-22 14:48:20 UTC


Attachments (Terms of Use)

Description B. K. Oxley (binkley) 1999-11-04 16:51:36 UTC
RedHat's enhanced tcpdump ignores /etc/protocols; it has
hard-coded strings for the protocol names it recognizes: all
others are only accepted by number.  To fix:

#include <netdb.h>

Then, update eth_p_parse:

	if (!strcmp(id, "x25"))
		return htons(ETH_P_X25);

        /* Check for protocol in /etc/protocols: */
	if (pe = getprotobyname (id))
	  return htons (pe->p_proto);

	return htons(atoi(id));

libpcap seems to already do this it seems.


--binkley

Comment 1 Jeff Johnson 1999-12-22 14:48:59 UTC
Fixed in tcpdump-3.4-17. Thanks for the patch.

Comment 2 richard.wittmer 2000-01-13 15:03:59 UTC
I have seen this problem in my lab (at least its seems to be the same thing).
I have had to move a machine in my lab back to 6.0 to get a reliable tcpdump.
I'd love to try the fixed version, but i'm at a loss as to where I would find
the tcpdump-3.4-17 package. Can you let me know where it is? Thanks.

Rich

Comment 3 Jeff Johnson 2000-01-13 15:30:59 UTC
ftp://rawhide.redhat.com/pub/rawhide


Note You need to log in before you can comment on or make changes to this bug.