Patch for tcpdump 3.4 to dump the packet as ascii character. Posted by TIP(webmaster@filez.org), Sep.20,1999. http://filez.org/
967659ebfb42cbcaf86ac19aa84f55c8diff -ruN tcpdump-3.4/interface.h tcpdump-3.4-ascii/interface.h
--- tcpdump-3.4/interface.h Thu May 29 04:54:45 1997
+++ tcpdump-3.4-ascii/interface.h Mon May 11 17:51:51 1998
@@ -35,6 +35,7 @@
};
extern int aflag; /* translate network and broadcast addresses */
+extern int Aflag; /* print packet in visible ascii character */
extern int dflag; /* print filter code */
extern int eflag; /* print ethernet header */
extern int fflag; /* don't translate "foreign" IP address */
@@ -67,6 +68,7 @@
* 14 bytes of data (assuming no ip options).
*/
#define DEFAULT_SNAPLEN 68
+#define MAX_SNAPLEN 1500
#ifndef BIG_ENDIAN
#define BIG_ENDIAN 4321
diff -ruN tcpdump-3.4/print-ether.c tcpdump-3.4-ascii/print-ether.c
--- tcpdump-3.4/print-ether.c Tue May 27 09:19:00 1997
+++ tcpdump-3.4-ascii/print-ether.c Mon May 11 13:01:21 1998
@@ -138,6 +138,7 @@
}
if (xflag)
default_print(p, caplen);
+
out:
putchar('\n');
}
diff -ruN tcpdump-3.4/tcpdump.c tcpdump-3.4-ascii/tcpdump.c
--- tcpdump-3.4/tcpdump.c Sun Oct 19 05:50:17 1997
+++ tcpdump-3.4-ascii/tcpdump.c Mon May 11 17:50:43 1998
@@ -39,6 +39,9 @@
#include <sys/time.h>
#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/tcp.h>
#include <pcap.h>
#include <signal.h>
@@ -54,6 +57,7 @@
#include "gmt2local.h"
int aflag; /* translate network and broadcast addresses */
+int Aflag; /* print packet in visible ascii character */
int dflag; /* print filter code */
int eflag; /* print ethernet header */
int fflag; /* don't translate "foreign" IP address */
@@ -149,7 +153,7 @@
opterr = 0;
while (
- (op = getopt(argc, argv, "ac:defF:i:lnNOpqr:s:StT:vw:xY")) != EOF)
+ (op = getopt(argc, argv, "Aac:defF:i:lnNOpqr:s:StT:vw:xY")) != EOF)
switch (op) {
case 'a':
@@ -263,6 +267,12 @@
++xflag;
break;
+ case 'A':
+ ++Aflag; ++xflag;
+ if(snaplen < MAX_SNAPLEN)
+ snaplen = MAX_SNAPLEN;
+ break;
+
default:
usage();
/* NOTREACHED */
@@ -403,6 +413,76 @@
}
}
+int
+check_tcpdata(const u_char *bp, u_int length, int *datlen) {
+ const struct ip *ip;
+ u_int hlen, len, off;
+
+ if(length < sizeof(struct ip))
+ return 0;
+ if(*bp != 0x45)
+ return 0;
+ ip = (const struct ip *)bp;
+ if(ip->ip_p != IPPROTO_TCP)
+ return 0;
+
+ hlen = ip->ip_hl * 4;
+ len = ntohs(ip->ip_len);
+ off = ntohs(ip->ip_off);
+
+/*
+ printf("\n### hlen=%d, len=%d, off=%d, length=%d tcphdr=%d",
+ hlen, len, off, length, sizeof(struct tcphdr));
+*/
+
+ if(len < length)
+ *datlen = len - hlen - sizeof(struct tcphdr);
+ else
+ *datlen = length - hlen - sizeof(struct tcphdr);
+ if(*datlen < 0)
+ return 0;
+
+ if((off & 0x1fff) != 0) {
+ return 0;
+ }
+
+ return ip->ip_hl * 4 + sizeof(struct tcphdr);
+}
+
+
+void
+Adump(const u_char *cp, int datlen) {
+ int i, c;
+
+ if(datlen > 0) {
+ printf("\n\t\t\t\"");
+ for(i = 0; i < datlen; i++) {
+ c = *cp++;
+ switch(c) {
+ case '\t': fputs("\\t", stdout); break;
+ case '\v': fputs("\\v", stdout); break;
+ case '\b': fputs("\\b", stdout); break;
+ case '\r': fputs("\\r", stdout); break;
+ case '\n': fputs("\\n", stdout); break;
+ case '\f': fputs("\\f", stdout); break;
+ case 0x07: fputs("\\a", stdout); break;
+ case '\\': fputs("\\\\", stdout); break;
+ case '"': fputs("\\\"", stdout); break;
+ default:
+ if(' ' <= c && c <= 126)
+ putchar(c);
+ else {
+ char buff[5];
+ sprintf(buff, "\\%03o", c);
+ fputs(buff, stdout);
+ }
+ }
+ }
+ putchar('"');
+ }
+}
+
+
/*
* By default, print the packet out in hex.
*
@@ -411,27 +491,35 @@
void
default_print(register const u_char *bp, register u_int length)
{
- register const u_short *sp;
- register u_int i;
- register int nshorts;
+ int hdrlen, datlen;
- if ((long)bp & 1) {
- default_print_unaligned(bp, length);
- return;
- }
- sp = (u_short *)bp;
- nshorts = (u_int) length / sizeof(u_short);
- i = 0;
- while (--nshorts >= 0) {
- if ((i++ % 8) == 0)
- (void)printf("\n\t\t\t");
- (void)printf(" %04x", ntohs(*sp++));
- }
- if (length & 1) {
- if ((i % 8) == 0)
- (void)printf("\n\t\t\t");
- (void)printf(" %02x", *(u_char *)sp);
- }
+ if(Aflag && xflag > 1 || !Aflag && xflag > 0) {
+ register const u_short *sp;
+ register u_int i;
+ register int nshorts;
+
+ if ((long)bp & 1) {
+ default_print_unaligned(bp, length);
+ return;
+ }
+ sp = (u_short *)bp;
+ nshorts = (u_int) length / sizeof(u_short);
+ i = 0;
+
+ while (--nshorts >= 0) {
+ if ((i++ % 8) == 0)
+ (void)printf("\n\t\t\t");
+ (void)printf(" %04x", ntohs(*sp++));
+ }
+ if (length & 1) {
+ if ((i % 8) == 0)
+ (void)printf("\n\t\t\t");
+ (void)printf(" %02x", *(u_char *)sp);
+ }
+ }
+
+ if(Aflag && (hdrlen = check_tcpdata(bp, length, &datlen)) > 0)
+ Adump(bp + hdrlen, datlen);
}
__dead void
@@ -443,7 +531,7 @@
(void)fprintf(stderr, "%s version %s\n", program_name, version);
(void)fprintf(stderr, "libpcap version %s\n", pcap_version);
(void)fprintf(stderr,
-"Usage: %s [-adeflnNOpqStvx] [-c count] [ -F file ]\n", program_name);
+"Usage: %s [-AadeflnNOpqStvx] [-c count] [ -F file ]\n", program_name);
(void)fprintf(stderr,
"\t\t[ -i interface ] [ -r file ] [ -s snaplen ]\n");
(void)fprintf(stderr,
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments
No comments yet, be the first!