authorlijia <[email protected]>2018-11-16 15:21:57 +0800
committerlijia <[email protected]>2018-11-16 15:21:57 +0800
commite3fca62644610e1fcaf5c36f411360ca4c868e6b (patch)
tree0ffbea083737037fa2f424b8e7b071d64c734cc4
parente601cdb8cab0aca61280be33381c4fdc793d33cb (diff)
修复ip分片跳转BUG.
-rw-r--r--net_common.c16
-rw-r--r--print-ether.c12
-rw-r--r--print.c2
-rw-r--r--tcpdump.c5
4 files changed, 19 insertions, 16 deletions
diff --git a/net_common.c b/net_common.c
index 0214216..fdbb2fa 100644
--- a/net_common.c
+++ b/net_common.c
@@ -155,6 +155,12 @@ static int ipv4_jump_to_layer(const char *raw_data, int raw_layer_type, int exp
if(raw_layer_type == expect_layer_type){
return 0;
}
+
+ /* IP��Ƭ���ټ�����ת */
+ unsigned short *iphdr_off = (unsigned short *)&p_ip_hdr->ip_off[0];
+ if((htons(*iphdr_off) & IP_MF) || (htons(*iphdr_off) & IP_OFFMASK)){
+ return -1;
+ }
switch(p_ip_hdr->ip_p){
case IPPROTO_TCP:
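Review bot: The added check reads the fragment field through `(unsigned short *)&p_ip_hdr->ip_off[0]`, which dereferences a 16-bit pointer into packet bytes that may not be 2-byte aligned and, if `p_ip_hdr` is derived from the const `raw_data` (not visible here), also drops that const. Copying the two bytes avoids both: `uint16_t off; memcpy(&off, &p_ip_hdr->ip_off[0], sizeof off); off = ntohs(off);` followed by `if (off & (IP_MF | IP_OFFMASK)) return -1;`. `ntohs` also matches the wire-to-host direction, as the MESA_net_jump_to_layer_greedy hunk already does, whereas `htons` only happens to give the same result. The condition, here and in that hunk, also rejects the first fragment (MF set, offset 0), which still carries the transport header. If that is intended, the comment should say so, because fragmented traffic then never reaches inner-layer matching. The function body starts and ends outside the hunk.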
@@ -262,8 +268,9 @@ static int ipv6_jump_to_layer(const char *raw_data, int raw_layer_type, int exp
goto done;
break;
- case 44:///NEXTHDR_FRAGMENT:
- offset_to_ip6 = 8; // 8 == sizeof(struct ipv6_frag_hdr);
+ case 44:///NEXTHDR_FRAGMENT:
+ /* IP��Ƭ���ټ�����ת */
+ return -1;
break;
case 50://NEXTHDR_ESP:
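Review bot: The new `return -1;` in `case 44` leaves the function directly, while the neighbouring cases exit through `goto done;`, and the `break;` after it is now unreachable. The `done:` label is outside this hunk, so if it does any result bookkeeping, set the failure value and use `goto done;` here as well; either way drop the dead `break;`. Unlike the IPv4 check, which looks at MF and the offset, this case refuses every packet that carries a fragment header, including one with offset 0 and the M flag clear. A comment such as `/* fragment header present: inner layers are not parsed, by design */` would make that explicit, and a named constant for `44` would read better than the trailing `///NEXTHDR_FRAGMENT:` remark.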
@@ -642,6 +649,11 @@ const void *MESA_net_jump_to_layer_greedy(const void *raw_data, int raw_layer_ty
case __ADDR_TYPE_IP_PAIR_V4:
{
const struct mesa_ip4_hdr *ip4hdr = (const struct mesa_ip4_hdr *)expect_layer;
+ if((ntohs(ip4hdr->ip_off) & IP_MF ) || (ntohs(ip4hdr->ip_off) & IP_OFFMASK)){
+ /* IP��Ƭ���ټ������ڲ���ת */
+ goto done;
+ }
+
if(IPPROTO_UDP == ip4hdr->ip_p){
new_next_layer_data = (char *)expect_layer + ip4hdr->ip_hl * 4;
new_raw_layer_type = ADDR_TYPE_UDP; /* IP�������������һ��ƫ��, ֻ֧��UDP, IPIP, GRE, L2TPv3. */
diff --git a/print-ether.c b/print-ether.c
index 823b23d..5583fc6 100644
--- a/print-ether.c
+++ b/print-ether.c
@@ -137,18 +137,6 @@ ether_print(netdissect_options *ndo,
int llc_hdrlen;
ep = (const struct ether_header *)p;
-
- /* 2017-01-06 lijia add, �dz���Ethernet������ʾ */
- switch(ntohs(ep->ether_length_type)){
- case ETHERTYPE_IP:
- case ETHERTYPE_IPV6:
- case ETHERTYPE_8021Q:
- case ETHERTYPE_ARP:
- break;
-
- default:
- return;
- }
if (caplen < ETHER_HDRLEN) {
ND_PRINT((ndo, "[|ether]"));
diff --git a/print.c b/print.c
index 9c4a33e..20e62fe 100644
--- a/print.c
+++ b/print.c
@@ -336,7 +336,7 @@ pretty_print_packet(netdissect_options *ndo, const struct pcap_pkthdr *h,
*/
ndo->ndo_snapend = sp + h->caplen;
- hdrlen = (ndo->ndo_if_printer)(ndo, h, sp); /* �˺���ָ��ʵ��ָ�� ether_if_print() */
+ hdrlen = (ndo->ndo_if_printer)(ndo, h, sp); /* �˺���ָ��ʵ��ָ�� ether_if_print() */
/*
* Restore the original snapend, as a printer might have
diff --git a/tcpdump.c b/tcpdump.c
index 06562b8..9057ece 100644
--- a/tcpdump.c
+++ b/tcpdump.c
@@ -2177,7 +2177,10 @@ main(int argc, char **argv)
if (pcap_compile(pd, &fcode, cmdbuf, Oflag, netmask) < 0){
error("%s", pcap_geterr(pd));
}else{
- has_bpf_filter_flag = 1;
+ /* ��һ����bpf filter, �˴��ж�һ�� */
+ if(cmdbuf){
+ has_bpf_filter_flag = 1;
+ }
}
if (dflag) {
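Review bot: The new `if(cmdbuf)` guard only tests for a NULL pointer, so an empty expression string still sets `has_bpf_filter_flag` even though it selects every packet. Where `cmdbuf` comes from is outside this hunk, so whether an empty string can reach this point needs confirming. If it can, `has_bpf_filter_flag = (cmdbuf != NULL && cmdbuf[0] != '\0');` covers both cases in one line and also resets the flag explicitly instead of relying on its earlier value. The body of main continues outside the hunk.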