Date: Mon, 27 Nov 2006 16:30:19 GMT From: Oliver Fromme <olli@lurza.secnetix.de> To: freebsd-bugs@FreeBSD.org Subject: Re: bin/105334: Error in output of tcpdump Message-ID: <200611271630.kARGUJQO051633@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/105334; it has been noted by GNATS.
From: Oliver Fromme <olli@lurza.secnetix.de>
To: rnsanchez@wait4.org (Ricardo Nabinger Sanchez)
Cc: FreeBSD-gnats-submit@FreeBSD.org
Subject: Re: bin/105334: Error in output of tcpdump
Date: Mon, 27 Nov 2006 17:20:05 +0100 (CET)
Hi Ricardo,
Sorry for the long delay. I got distracted by other
problems that were more important than this one.
Ricardo Nabinger Sanchez wrote:
> Oliver Fromme wrote:
> > [...]
> > Now it gets even more interesting. I did what you suggested,
> > then tried to view the file with "tcpdump -r" (on the same
> > machine), and it displayed "0" for the port number in all
> > places where the big 32bit numbers where displayed previously.
> >
> > Then I copied the file to a different machine (running an
> > older FreeBSD 4.x), and tcpdump there displayed all of the
> > port numbers correctly (i.e. neither big 32bit numbers nor
> > zero). So it is definitely purely a display problem on my
> > RELENG_6 machine. The contents of the capture file are OK.
>
> I downloaded your files, tried with my tcpdump, yours, also with your
> libpcap, and got consistent and uniform results, verified together with md5
> after checking the output data.
Yes, my results are also consistent and uniform, byt they're
still wrong.
I have tried the same on a different box (completely different
hardware with a RELENG_6 installation unrelated to the first
machine). I can reproduce the problem easily 100%:
- Export an arbitrary directory to localhost. I used this
line in /etc/exports: /usr/bin -ro 127.0.0.1
- Start rpcbind, mountd, nfsd and nfsiod if necessary.
- Mount the exported directory: mount -t nfs -o ro /mnt
- Run tcpdump, e.g.: tcpdump -ni lo0
- Make some NFS traffic: ls -l /mnt
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on lo0, link-type NULL (BSD loopback), capture size 96 bytes
17:08:45.958451 IP 127.0.0.1.659314964 > 127.0.0.1.2049: 104 access [|nfs]
17:08:45.958502 IP 127.0.0.1.2049 > 127.0.0.1.659314964: reply ok 120 access c 274c5915
17:08:45.958550 IP 127.0.0.1.659314965 > 127.0.0.1.2049: 104 access [|nfs]
17:08:45.958570 IP 127.0.0.1.2049 > 127.0.0.1.659314965: reply ok 120 access c 274c5916
17:08:45.958596 IP 127.0.0.1.659314966 > 127.0.0.1.2049: 100 fsstat [|nfs]
17:08:45.958613 IP 127.0.0.1.2049 > 127.0.0.1.659314966: reply ok 168 fsstat [|nfs]
... and so on.
As I said, I can reproduce the problem reliably on RELENG_6
on various hardware. I'm sure you will be able to reproducee
it if you perform the same steps that I do. Make sure the
NFS mount is UDP/v3 (should be the default).
> There must be some odd problem somewhere on your libc.
I've cvsupped the sources, rebuilt libc, libpcap and tcpdump,
but no change. I even took the binaries and libs from the
official 6.2-BETA3. No change.
Best regards
Oliver
--
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing
Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd
Any opinions expressed in this message may be personal to the author
and may not necessarily reflect the opinions of secnetix in any way.
> Can the denizens of this group enlighten me about what the
> advantages of Python are, versus Perl ?
"python" is more likely to pass unharmed through your spelling
checker than "perl".
-- An unknown poster and Fredrik Lundh
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200611271630.kARGUJQO051633>