| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Up to now, the lookup of TCP/UDP port names and Ethernet types was
tightly integrated with the dissector infrastructure, since it is its
main user. However, flowtop also makes use of the name lookup
functionality without needing the actual dissector infrastructure. Thus,
the basic dissector infrastructure also needs to be linked into flowtop
without actually being used.
Fix this by extracting the port/ethertype lookup into an own module
which can then be used either directly (for flowtop) or as part of the
dissector infrastructure (for netsniff-ng).
This also reverts the quick & dirty fix introduced in commit f3322c6
("flowtop: Include netlink dissector to fix build temporarily").
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Until now, we just looked up the vendor string based on the OUI for each
MAC address. Thus, multicast and broadcast addresses were just printed
as "Unknown" which is a bit misleading.
Improve this situation by checking bit 0 of the 1st octet of the address
and by checking for the broadcast address if it is set. If a
multicast/broadcast address is found, the respective string is returned.
In all other cases, the existing OUI lookup is done.
In the future we might extend this mechanism to look up well-known
multicast addresses.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
This header is actually only needed in dissector_eth and
dissector_80211, so remove the other users accordingly.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
We decided to get rid of the old Git history and start a new one for
several reasons:
*) Allow / enforce only high-quality commits (which was not the case
for many commits in the history), have a policy that is more close
to the one from the Linux kernel. With high quality commits, we
mean code that is logically split into commits and commit messages
that are signed-off and have a proper subject and message body.
We do not allow automatic Github merges anymore, since they are
total bullshit. However, we will either cherry-pick your patches
or pull them manually.
*) The old archive was about ~27MB for no particular good reason.
This basically derived from the bad decision that also some PDF
files where stored there. From this moment onwards, no binary
objects are allowed to be stored in this repository anymore.
The old archive is not wiped away from the Internet. You will still
be able to find it, e.g. on git.cryptoism.org etc.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
