7.213. tcpdump

Bug Fixes

BZ#972396

Previously, the tcpdump utility was treating the argument for the "-i" option as a number if it contained a numeric prefix and other characters, not as a string. Consequently, packet capturing was not started on a specified interface at all or could get started on a incorrect interface. With this update, the argument for "-i" is treated as a number only if it contains only numerals 0-9; otherwise, the argument is treated as a string. For example, interface names such as "192_1_2" are no longer treated as interface number 192, but as a string. As a result, tcpdump starts correctly on a specified interface even if the interface name contains a numeric prefix.

BZ#1130111

The tcpdump Cisco Discovery Protocol (CDP) dissector previously stopped parsing packet prematurely after encountering Type-Length-Value (TLV) field which had the length of 0 and no data associated with it. Consequently, some CDP packets were not completely dissected. A patch which alters code deciding when to stop parsing the packet has been applied to fix this bug. Now, zero length data TLVs are allowed, and CDP packets containing such TLVs are parsed correctly.

Enhancements

BZ#1045601

The kernel, glibc, and libpcap utilities now provide APIs to obtain nanosecond resolutions timestamps. The user can thus query which timestamp sources are available ("-J"), set a specific timestamp source ("-j"), and request timestamps with a specified resolution ("--time-stamp-precision").

BZ#1099701

This update adds the new "-P" command-line argument for capturing packets in certain direction, which can ease debugging networking-related problems.