tomahawk-devs Mailing List for Tomahawk Test Tool (Page 32)
Brought to you by:
bsmith1180,
dkolbly
Menu
▾
▴
tomahawk-devs — Mailing list for tomahawk developers/contributors
You can subscribe to this list here.
| 2004 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(3) |
Dec
(3) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2005 |
Jan
|
Feb
(2) |
Mar
(2) |
Apr
(1) |
May
|
Jun
(1) |
Jul
|
Aug
(4) |
Sep
|
Oct
|
Nov
|
Dec
|
| 2006 |
Jan
|
Feb
|
Mar
|
Apr
(3) |
May
(1) |
Jun
|
Jul
(3) |
Aug
(1) |
Sep
(5) |
Oct
(6) |
Nov
(8) |
Dec
(8) |
| 2007 |
Jan
(11) |
Feb
(12) |
Mar
(6) |
Apr
(22) |
May
(18) |
Jun
(18) |
Jul
(50) |
Aug
(34) |
Sep
(13) |
Oct
(5) |
Nov
(11) |
Dec
(7) |
| 2008 |
Jan
(7) |
Feb
(7) |
Mar
(8) |
Apr
(22) |
May
(9) |
Jun
(14) |
Jul
(23) |
Aug
(13) |
Sep
(19) |
Oct
(16) |
Nov
(11) |
Dec
(43) |
| 2009 |
Jan
(32) |
Feb
(25) |
Mar
(32) |
Apr
(45) |
May
(114) |
Jun
(99) |
Jul
(60) |
Aug
(31) |
Sep
(18) |
Oct
(34) |
Nov
(5) |
Dec
(25) |
| 2010 |
Jan
(11) |
Feb
(5) |
Mar
(73) |
Apr
(105) |
May
(117) |
Jun
(114) |
Jul
(79) |
Aug
(67) |
Sep
(31) |
Oct
(11) |
Nov
(5) |
Dec
(11) |
| 2011 |
Jan
(8) |
Feb
(2) |
Mar
(1) |
Apr
(8) |
May
(7) |
Jun
(4) |
Jul
(5) |
Aug
(8) |
Sep
(13) |
Oct
(10) |
Nov
(13) |
Dec
(15) |
| 2012 |
Jan
(15) |
Feb
(13) |
Mar
(11) |
Apr
(15) |
May
(22) |
Jun
(20) |
Jul
(22) |
Aug
(17) |
Sep
(29) |
Oct
(22) |
Nov
(20) |
Dec
(20) |
| 2013 |
Jan
(21) |
Feb
(12) |
Mar
(13) |
Apr
(37) |
May
(34) |
Jun
(25) |
Jul
(19) |
Aug
(18) |
Sep
(20) |
Oct
(20) |
Nov
(14) |
Dec
(29) |
| 2014 |
Jan
(12) |
Feb
(25) |
Mar
(46) |
Apr
(39) |
May
(45) |
Jun
(28) |
Jul
(26) |
Aug
(17) |
Sep
(21) |
Oct
(24) |
Nov
(17) |
Dec
(10) |
| 2015 |
Jan
(11) |
Feb
(5) |
Mar
(14) |
Apr
(26) |
May
(32) |
Jun
(24) |
Jul
(9) |
Aug
(8) |
Sep
(31) |
Oct
(30) |
Nov
(7) |
Dec
(7) |
| 2016 |
Jan
(16) |
Feb
(8) |
Mar
(21) |
Apr
(16) |
May
(13) |
Jun
(8) |
Jul
(6) |
Aug
(10) |
Sep
(9) |
Oct
(10) |
Nov
(15) |
Dec
(5) |
| 2017 |
Jan
(3) |
Feb
(3) |
Mar
(5) |
Apr
(4) |
May
(5) |
Jun
(2) |
Jul
(2) |
Aug
(2) |
Sep
(3) |
Oct
(1) |
Nov
(3) |
Dec
(2) |
| 2018 |
Jan
(4) |
Feb
(7) |
Mar
(67) |
Apr
(4) |
May
(10) |
Jun
(7) |
Jul
(12) |
Aug
(1) |
Sep
|
Oct
(2) |
Nov
(2) |
Dec
(4) |
| 2019 |
Jan
(5) |
Feb
(2) |
Mar
(1) |
Apr
(3) |
May
(1) |
Jun
(1) |
Jul
(2) |
Aug
(1) |
Sep
|
Oct
|
Nov
(2) |
Dec
(1) |
| 2020 |
Jan
(1) |
Feb
(1) |
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(1) |
Oct
(2) |
Nov
(1) |
Dec
(1) |
| 2021 |
Jan
|
Feb
|
Mar
|
Apr
(2) |
May
(2) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(1) |
Nov
|
Dec
(1) |
| 2022 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(2) |
Dec
(1) |
| 2023 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(3) |
Dec
|
| 2024 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(3) |
Jun
|
Jul
(1) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2025 |
Jan
|
Feb
|
Mar
(2) |
Apr
(1) |
May
|
Jun
|
Jul
(1) |
Aug
|
Sep
(1) |
Oct
(2) |
Nov
(1) |
Dec
|
|
From: Steve S. <ss...@ll...> - 2004-11-18 17:03:26
|
Hello, We're having some problems with tomahawk correctly replaying our pcap file. We have a pcap file with 9 packets in it, 6 in one direction, and 3 replies in the other, so only 2 addresses total. It's a very simple pcap we've been using for debugging. The problem is that only the primary interface spews out any packets. It's not a hardware/OS issue, since any interface works, so long as it's specified by "-i" and not "-j". In the SendPackets function, I've noticed that on/around line 1436 of tomahawk.c, we check the handler to see if it's in "attacker" mode, and if so, writes out to the primary interface. I put printf statements in each conditional branch to demarcate when each was happening, and it appears that h->attacker is always set to 1, which means that the 2nd interface never gets to fire. I see that in RecvPackets, there is code to "switch" modes, but it never seems to trigger. Also, it seems that every packet in the trace has an attacker flag, but this is never referenced for updating, at least as far as I can tell. I'm still working on understanding the code, but I was hoping someone else had run into this and may be able to shed some light on this - maybe we could work at rolling out a Tomahawk 1.1 :) Any thoughts/fixes? Thanks! Steve Suppe |
|
From: cdb <cd...@ev...> - 2004-11-18 15:00:20
|
Anyone notice a problem with spurious match failures on short packets due to comparison of the ethernet trailer? I was running test.pcap through a linux VM in VMware running snort_inline. The packets were running out eth0, through the bridge, and arriving on eth1 but were not counted as having arrived by tomahawk. The received counter printed by tomahawk at the end of the run was incremented, but the behavior of tomahawk was as if they never arrived. A little investigation showed that the failure was due to a failed match in PacketEquals, with a difference at the very end of the data. I added a small hack to PacketEqual to write out b1 and b2 in pcap format to better see the reason for the match failures. In the PCAP, the packets are in groups of two, representing the contents of b1 and b2 respectively. Notice the difference is in the trailer. In the final memcmp, should the comparison length be min(iph->tot_len, len)? That patch works for me. Is the correct approach or something wrong with this test case? |
|
From: allan a. <im...@ya...> - 2004-11-10 19:39:22
|
hello, at this time, i have not figured out how to capture packets from a live network. could someone please give me some pointers. i'm using a linux system. i'm sort of new to linux as well so please be gentle:) thanks so much! |
2259 messages has been excluded from this view by a project administrator.
