10
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
16
1. Linux Sockets Bug (Platform Linux/i386)
17
[Alan.Cox@linux.org is aware of the above issue. Status: no reply]
19
Below you can find the packetLogger code that can be used to
20
reproduce the problem. Suppose to have
21
host A (MAC Address 08:00:69:0B:6F:A1) and host B (MAC Address
22
00:20:AF:73:C6:2E). Host B is an i386 running Linux 2.X. No matter what
23
OS runs on A. Now start "packetLogger 08:00:69:0B:6F:A1
24
00:20:AF:73:C6:2E" in order to filter packets flowing though A and B. I
25
suppose there's no other traffic (e.g. telnet) between A and B. Now from
26
A do 'ftp B' and transfer a file C (large, e.g. > 1 MB). Stop
27
packetLogger, look at the # of packets and restart it. Now from B do
28
'ftp A' and transfer the very same file C [if A and B are Linux boxes
29
you can start packetLogger on both hosts]. You will notice that in the
30
second case you've lost many packets whereas in the first case
31
everything works fine.
33
========================================
34
#include <sys/param.h>
35
#include <sys/ioctl.h>
36
#include <sys/socket.h>
39
#include <linux/if_ether.h>
40
#include <netinet/in.h>
48
struct ethernet_header {
49
u_char ether_dhost[6];
50
u_char ether_shost[6];
55
char* etheraddr_string(const u_char *ep)
60
static char buf[sizeof("00:00:00:00:00:00")];
61
char hex[] = "0123456789ABCDEF";
65
if ((j = *ep >> 4) != 0)
70
*cp++ = hex[*ep++ & 0xf];
72
for(i = 5; (int)--i >= 0;) {
74
if ((j = *ep >> 4) != 0)
79
*cp++ = hex[*ep++ & 0xf];
88
int main(int argc, char* argv[]) {
91
char *device = "eth0";
92
unsigned long packetNum=0, totLen=0;
96
printf("Usage: %s <MAC Addr. host A> <MAC Addr. host B>\n", argv[0]);
97
printf("Example: %s 08:00:69:0B:6F:A1 00:20:AF:73:C6:2E\n", argv[0]);
101
fd = socket(PF_INET, SOCK_PACKET, htons(ETH_P_ALL));
104
printf("Error creating socket.\n");
108
/* Bind to the interface name */
109
memset(&sa, 0, sizeof(sa));
110
sa.sa_family = AF_INET;
111
(void)strncpy(sa.sa_data, device, sizeof(sa.sa_data));
112
if (bind(fd, &sa, sizeof(sa))) {
113
printf("bind: error\n");
117
memset(&ifr, 0, sizeof(ifr));
118
strncpy(ifr.ifr_name, device, sizeof(ifr.ifr_name));
119
if (ioctl(fd, SIOCGIFHWADDR, &ifr) < 0 ) {
120
printf("SIOCGIFHWADDR: error\n");
124
/* Base the buffer size on the interface MTU */
125
memset(&ifr, 0, sizeof(ifr));
126
strncpy(ifr.ifr_name, device, sizeof(ifr.ifr_name));
127
if (ioctl(fd, SIOCGIFMTU, &ifr) < 0 ) {
128
printf("SIOCGIFMTU: error\n");
133
struct sockaddr from;
134
int fromlen, cc, len=0;
135
u_char bp[2048], srcHost[64], dstHost[64];
136
struct ethernet_header *ep;
139
fromlen = sizeof(from);
140
cc = recvfrom(fd, bp, 2048, 0, &from, &fromlen);
142
} while (strcmp(device, from.sa_data));
144
ep = (struct ethernet_header*)bp;
146
strcpy(srcHost, etheraddr_string(ep->ether_shost));
147
strcpy(dstHost, etheraddr_string(ep->ether_dhost));
150
if(strcmp(srcHost, argv[1]) && strcmp(srcHost, argv[2]))
152
else if(strcmp(dstHost, argv[1]) && strcmp(dstHost, argv[2]))
156
printf("%5d\t%8u\t%s -> %s (len=%d)\n",
157
++packetNum, totLen, srcHost, dstHost, len);
165
========================================
168
[iPPP guys have been informed. Status: no reply]
170
ntop works with PPP but it presents some problems with iPPP (ISDN PPP). Some packets cannot be decoded properly. Tools other than ntop (e.g. tcpdump, ethereal) can't handle such packets either.
b'\\ No newline at end of file'