From a44c9018259bf4c8db3f658ddc3ba82591a4b9af Mon Sep 17 00:00:00 2001 From: ian Date: Mon, 4 Mar 2002 15:31:11 +0000 Subject: [PATCH] Unmangle NBT stuff which comes out multi-line in tcpdump --- Makefile | 12 +++++++----- blank-ttl-ipcsum.pl | 3 ++- tcpdump-nomultiline.pl | 9 +++++++++ 3 files changed, 18 insertions(+), 6 deletions(-) create mode 100755 tcpdump-nomultiline.pl diff --git a/Makefile b/Makefile index 2b20b1f..894d05b 100644 --- a/Makefile +++ b/Makefile @@ -100,11 +100,13 @@ send-%.pcap send-%.why: ./make-probes.tcl --dest $(DEST) \ --xseed "$* $(UNIQUE)" >send-$*.why -%.log: %.pcap lnumber-tcpdump.pl blank-ttl-ipcsum.pl Makefile - tcpdump -tnxvvs$$(($(MTU)+500)) -r $< >$@.0.tmp - ./blank-ttl-ipcsum.pl <$@.0.tmp >$@.1.tmp - ./lnumber-tcpdump.pl <$@.1.tmp >$@.2.tmp - @mv -f $@.2.tmp $@ +%.log: %.pcap Makefile \ + lnumber-tcpdump.pl blank-ttl-ipcsum.pl tcpdump-nomultiline.pl + tcpdump -tnxvvs$$(($(MTU)+500)) -r $< >$@.2.tmp + ./tcpdump-nomultiline.pl <$@.2.tmp >$@.3.tmp + ./blank-ttl-ipcsum.pl <$@.3.tmp >$@.4.tmp + ./lnumber-tcpdump.pl <$@.4.tmp >$@.5.tmp + @mv -f $@.5.tmp $@ recv-%.diff: send-%.log recv-%.log diff -uI'^[0-9]' $^ >$@ || test $$? == 1 diff --git a/blank-ttl-ipcsum.pl b/blank-ttl-ipcsum.pl index 07a43b6..063b36b 100755 --- a/blank-ttl-ipcsum.pl +++ b/blank-ttl-ipcsum.pl @@ -1,7 +1,8 @@ #!/usr/bin/perl -p if ($zonk) { - s/^(\s\s+4\w\w\w \w{4} \w{4} \w{4}) \w\w(\w\w) \w{4} (\w{4} \w{4})$/$1 ##$2 #### $3/ or die "$_ ?"; + s/^(\t\t\t 4\w\w\w \w{4} \w{4} \w{4}) \w\w(\w\w) \w{4} (\w{4} \w{4})$/$1 ##$2 #### $3/ or die "$_ ?"; $zonk=0; } elsif (m/^ ?[^ \t]/ && s/(\(ttl )\d+(, id \d+\))$/$1###$2/) { $zonk=1; } +# $Id$ diff --git a/tcpdump-nomultiline.pl b/tcpdump-nomultiline.pl new file mode 100755 index 0000000..46f1128 --- /dev/null +++ b/tcpdump-nomultiline.pl @@ -0,0 +1,9 @@ +#!/usr/bin/perl -p +if (m/^\t\t\t 4[0-9a-f]{3}(?: [0-9a-f]{4}){7}/) { + s/^/\n/ if $glerk; + $glerk=0; +} elsif ($glerk) { + s,^, // ,; s/\n$//; +} elsif (m/^ ?[^ \t]/) { + s/\n$//; $glerk=1; +} -- 2.30.2