Diffstat (limited to 'usr.sbin/tcpdump')
-rw-r--r-- | usr.sbin/tcpdump/tcpdump/Makefile | 168 | ||||
-rw-r--r-- | usr.sbin/tcpdump/tcpdump/config.h | 4 | ||||
-rw-r--r-- | usr.sbin/tcpdump/tcpdump/tcpdump.1 | 48 |
3 files changed, 179 insertions, 41 deletions
diff --git a/usr.sbin/tcpdump/tcpdump/Makefile b/usr.sbin/tcpdump/tcpdump/Makefile
index ca8ec4c32d8f..fe2a001fa0f5 100644
--- a/usr.sbin/tcpdump/tcpdump/Makefile
+++ b/usr.sbin/tcpdump/tcpdump/Makefile
@@ -7,37 +7,136 @@ TCPDUMP_DISTDIR?= ${.CURDIR}/../../../contrib/tcpdump PROG= tcpdump -SRCS = addrtoname.c af.c checksum.c cpack.c gmpls.c oui.c gmt2local.c \ - ipproto.c nlpid.c l2vpn.c machdep.c parsenfsfh.c in_cksum.c \ - print-802_11.c print-802_15_4.c print-ap1394.c print-ah.c print-arcnet.c \ - print-aodv.c print-arp.c print-ascii.c print-atalk.c print-atm.c \ - print-beep.c print-bfd.c print-bgp.c print-bootp.c print-bt.c \ - print-carp.c print-cdp.c \ - print-cfm.c print-chdlc.c print-cip.c print-cnfp.c print-dccp.c \ - print-decnet.c print-domain.c print-dtp.c print-dvmrp.c print-enc.c \ - print-egp.c print-eap.c print-eigrp.c \ - print-esp.c print-ether.c print-fddi.c print-forces.c print-fr.c \ - print-gre.c print-hsrp.c print-icmp.c print-igmp.c \ - print-igrp.c print-ip.c print-ipcomp.c print-ipfc.c print-ipnet.c \ - print-ipx.c print-isakmp.c print-isoclns.c print-juniper.c print-krb.c \ - print-l2tp.c print-lane.c print-ldp.c print-lldp.c print-llc.c \ - print-lmp.c print-lspping.c \ - print-lwapp.c print-lwres.c print-mobile.c print-mpls.c print-msdp.c \ +SRCS= addrtoname.c \ + af.c \ + checksum.c \ + cpack.c \ + gmpls.c \ + gmt2local.c \ + in_cksum.c \ + ipproto.c \ + l2vpn.c \ + machdep.c \ + nlpid.c \ + oui.c \ + parsenfsfh.c \ + print-802_11.c \ + print-802_15_4.c \ + print-ah.c \ + print-aodv.c \ + print-ap1394.c \ + print-arcnet.c \ + print-arp.c \ + print-ascii.c \ + print-atalk.c \ + print-atm.c \ + print-beep.c \ + print-bfd.c \ + print-bgp.c \ + print-bootp.c \ + print-bt.c \ + print-carp.c \ + print-cdp.c \ + print-cfm.c \ + print-chdlc.c \ + print-cip.c \ + print-cnfp.c \ + print-dccp.c \ + print-decnet.c \ + print-domain.c \ + print-dtp.c \ + print-dvmrp.c \ + print-eap.c \ + print-egp.c \ + print-eigrp.c \ + print-enc.c \ + print-esp.c \ + print-ether.c \ + print-fddi.c \ + print-forces.c \ + print-fr.c \ + print-gre.c \ + print-hsrp.c \ + print-icmp.c \ + print-igmp.c \ + print-igrp.c \ + print-ip.c \ + print-ipcomp.c \ + 
print-ipfc.c \ + print-ipnet.c \ + print-ipx.c \ + print-isakmp.c \ + print-isoclns.c \ + print-juniper.c \ + print-krb.c \ + print-l2tp.c \ + print-lane.c \ + print-ldp.c \ + print-llc.c \ + print-lldp.c \ + print-lmp.c \ + print-lspping.c \ + print-lwapp.c \ + print-lwres.c \ + print-mobile.c \ print-mpcp.c \ - print-nfs.c print-ntp.c print-null.c print-olsr.c print-ospf.c \ + print-mpls.c \ + print-msdp.c \ + print-msnlb.c \ + print-nfs.c \ + print-ntp.c \ + print-null.c \ + print-olsr.c \ + print-ospf.c \ + print-otv.c \ print-pfsync.c \ - print-pgm.c print-pim.c print-ppi.c print-ppp.c print-pppoe.c \ - print-pptp.c print-radius.c print-raw.c print-rip.c \ + print-pgm.c \ + print-pim.c \ + print-ppi.c \ + print-ppp.c \ + print-pppoe.c \ + print-pptp.c \ + print-radius.c \ + print-raw.c \ + print-rip.c \ print-rpki-rtr.c \ - print-rrcp.c print-rsvp.c print-rx.c print-sctp.c print-sflow.c \ - print-sip.c print-sl.c print-sll.c \ - print-slow.c print-snmp.c print-stp.c print-sunatm.c print-sunrpc.c \ - print-symantec.c print-syslog.c print-tcp.c print-telnet.c print-tftp.c \ - print-timed.c print-tipc.c \ - print-token.c print-udld.c print-udp.c print-vjc.c \ - print-vqp.c print-vrrp.c print-vtp.c \ - print-wb.c print-zephyr.c setsignal.c tcpdump.c util.c \ - print-smb.c signature.c smbutil.c \ + print-rrcp.c \ + print-rsvp.c \ + print-rx.c \ + print-sctp.c \ + print-sflow.c \ + print-sip.c \ + print-sl.c \ + print-sll.c \ + print-slow.c \ + print-smb.c \ + print-snmp.c \ + print-stp.c \ + print-sunatm.c \ + print-sunrpc.c \ + print-symantec.c \ + print-syslog.c \ + print-tcp.c \ + print-telnet.c \ + print-tftp.c \ + print-timed.c \ + print-tipc.c \ + print-token.c \ + print-udld.c \ + print-udp.c \ + print-vjc.c \ + print-vqp.c \ + print-vrrp.c \ + print-vtp.c \ + print-vxlan.c \ + print-wb.c \ + print-zephyr.c \ + print-zeromq.c \ + setsignal.c \ + signature.c \ + smbutil.c \ + tcpdump.c \ + util.c \ version.c CLEANFILES+= version.c 
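Review bot: The re-sorted, one-per-line SRCS list in this hunk also brings in four new dissectors, print-msnlb.c, print-otv.c, print-vxlan.c and print-zeromq.c, and they are easy to miss inside a reflow of more than a hundred lines. Each of them parses bytes taken from the wire or from a capture file, often in a process that was started with capture privileges, so they should be visible as additions in their own right; committing the mechanical sort separately from the vendor import would achieve that. A short comment above the list would keep later imports reviewable, for example `# Keep SRCS sorted, one file per line, so an import shows each new dissector as a one-line diff.` The INET6 list in the next hunk is reflowed the same way but adds no files.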
@@ -46,9 +145,16 @@ CFLAGS+= -DHAVE_CONFIG_H CFLAGS+= -D_U_="__attribute__((unused))" .if ${MK_INET6_SUPPORT} != "no" -SRCS+= print-ip6.c print-ip6opts.c print-mobility.c print-ripng.c \ - print-icmp6.c print-babel.c print-frag6.c print-rt6.c print-ospf6.c \ - print-dhcp6.c +SRCS+= print-babel.c \ + print-dhcp6.c \ + print-frag6.c \ + print-icmp6.c \ + print-ip6.c \ + print-ip6opts.c \ + print-mobility.c \ + print-ospf6.c \ + print-ripng.c \ + print-rt6.c CFLAGS+= -DINET6 .endif .if ${MACHINE_CPUARCH} != "i386" diff --git a/usr.sbin/tcpdump/tcpdump/config.h b/usr.sbin/tcpdump/tcpdump/config.h index b13055dcfc9a..62fa3cd3547f 100644 --- a/usr.sbin/tcpdump/tcpdump/config.h +++ b/usr.sbin/tcpdump/tcpdump/config.h @@ -255,7 +255,7 @@ /* #undef NETINET_ETHER_H_DECLARES_ETHER_NTOHOST */ /* Define to 1 if netinet/if_ether.h declares `ether_ntohost' */ -#define NETINET_IF_ETHER_H_DECLARES_ETHER_NTOHOST +#define NETINET_IF_ETHER_H_DECLARES_ETHER_NTOHOST /**/ /* Define to the address where bug reports for this package should be sent. */ #define PACKAGE_BUGREPORT "" @@ -276,7 +276,7 @@ #define RETSIGTYPE void /* return value of signal handlers */ -#define RETSIGVAL +#define RETSIGVAL /**/ /* Define to 1 if you have the ANSI C header files. */ #define STDC_HEADERS 1 diff --git a/usr.sbin/tcpdump/tcpdump/tcpdump.1 b/usr.sbin/tcpdump/tcpdump/tcpdump.1 index 11706e76c767..ca6d795ed0d8 100644 --- a/usr.sbin/tcpdump/tcpdump/tcpdump.1 +++ b/usr.sbin/tcpdump/tcpdump/tcpdump.1 @@ -23,7 +23,7 @@ .\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF .\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. .\" -.TH TCPDUMP 1 "05 March 2009" +.TH TCPDUMP 1 "12 July 2012" .SH NAME tcpdump \- dump traffic on a network .SH SYNOPSIS @@ -75,6 +75,10 @@ tcpdump \- dump traffic on a network .I file ] [ +.B \-V +.I file +] +[ .B \-s .I snaplen ] 
@@ -128,8 +132,10 @@ flag, which causes it to save the packet data to a file for later analysis, and/or with the .B \-r flag, which causes it to read from a saved packet file rather than to -read packets from a network interface. In all cases, only packets that -match +read packets from a network interface. It can also be run with the +.B \-V +flag, which causes it to read a list of saved packet files. In all cases, +only packets that match .I expression will be processed by .IR tcpdump . @@ -257,7 +263,9 @@ that lacks the function. .TP .B \-e -Print the link-level header on each dump line. +Print the link-level header on each dump line. This can be used, for +example, to print MAC layer addresses for protocols such as Ethernet and +IEEE 802.11. .TP .B \-E Use \fIspi@ipaddr algo:secret\fP for decrypting IPsec ESP packets that @@ -510,15 +518,19 @@ Force packets selected by "\fIexpression\fP" to be interpreted the specified \fItype\fR. Currently known types are \fBaodv\fR (Ad-hoc On-demand Distance Vector protocol), +\fBcarp\fR (Common Address Redundancy Protocol), \fBcnfp\fR (Cisco NetFlow protocol), +\fBradius\fR (RADIUS), \fBrpc\fR (Remote Procedure Call), \fBrtp\fR (Real-Time Applications protocol), \fBrtcp\fR (Real-Time Applications control protocol), \fBsnmp\fR (Simple Network Management Protocol), \fBtftp\fR (Trivial File Transfer Protocol), \fBvat\fR (Visual Audio Tool), +\fBwb\fR (distributed White Board), +\fBzmtp1\fR (ZeroMQ Message Transport Protocol 1.0) and -\fBwb\fR (distributed White Board). +\fBvxlan\fR (Virtual eXtensible Local Area Network). .TP .B \-t \fIDon't\fP print a timestamp on each dump line. @@ -591,6 +603,10 @@ With .B \-X Telnet options are printed in hex as well. .TP +.B \-V +Read a list of filenames from \fIfile\fR. Standard input is used +if \fIfile\fR is ``-''. +.TP .B \-w Write the raw packets to \fIfile\fR rather than parsing and printing them out. 
@@ -603,6 +619,15 @@ amount of time after they are received. Use the .B \-U flag to cause packets to be written as soon as they are received. .IP +The MIME type \fIapplication/vnd.tcpdump.pcap\fP has been registered +with IANA for \fIpcap\fP files. The filename extension \fI.pcap\fP +appears to be the most commonly used along with \fI.cap\fP and +\fI.dmp\fP. \fITcpdump\fP itself doesn't check the extension when +reading capture files and doesn't add an extension when writing them +(it uses magic numbers in the file header instead). However, many +operating systems and applications will use the extension if it is +present and adding one (e.g. .pcap) is recommended. +.IP See .BR pcap-savefile (5) for a description of the file format. @@ -706,8 +731,10 @@ For the \fIexpression\fP syntax, see .LP Expression arguments can be passed to \fItcpdump\fP as either a single argument or as multiple arguments, whichever is more convenient. -Generally, if the expression contains Shell metacharacters, it is -easier to pass it as a single, quoted argument. +Generally, if the expression contains Shell metacharacters, such as +backslashes used to escape protocol names, it is easier to pass it as +a single, quoted argument rather than to escape the Shell +metacharacters. Multiple arguments are concatenated with spaces before being parsed. .SH EXAMPLES .LP @@ -1709,6 +1736,11 @@ serviced the `new packet' interrupt. .SH "SEE ALSO" stty(1), pcap(3PCAP), bpf(4), nit(4P), pcap-savefile(5), pcap-filter(7), pcap-tstamp-type(7) +.LP +.RS +.I http://www.iana.org/assignments/media-types/application/vnd.tcpdump.pcap +.RE +.LP .SH AUTHORS The original authors are: .LP @@ -1728,7 +1760,7 @@ The current version is available via http: The original distribution is available via anonymous ftp: .LP .RS -.I ftp://ftp.ee.lbl.gov/tcpdump.tar.Z +.I ftp://ftp.ee.lbl.gov/old/tcpdump.tar.Z .RE .LP IPv6/IPsec support is added by WIDE/KAME project. |