Skip to content

Commit

Permalink
Set src and dst port to 0 for non-TCP/UDP packets
Browse files Browse the repository at this point in the history
The source and destination ports are used to find the right bucket in the hash.
Currently they are only set when a TCP or UDP packet was detected and otherwise
the old (from previous packet) value is used. This is problematic when in the
future non-UDP/TCP traffic should be dumped because it will end up in different
pcap files.
  • Loading branch information
ecsv committed Feb 11, 2014
1 parent c3857b2 commit 5435c7a
Showing 1 changed file with 9 additions and 3 deletions.
12 changes: 9 additions & 3 deletions pkt2flow.c
Original file line number Diff line number Diff line change
Expand Up @@ -212,19 +212,25 @@ static void process_trace(void)
}

// Get the src and dst ports of TCP or UDP
if (iph->ip_p == IPPROTO_TCP) {
switch (iph->ip_p) {
case IPPROTO_TCP:
if (hdr.caplen < offset + sizeof(struct tcphdr))
continue;
tcph = (struct tcphdr *)(pkt + offset);
src_port = ntohs(tcph->th_sport);
dst_port = ntohs(tcph->th_dport);
}
if (iph->ip_p == IPPROTO_UDP) {
break;
case IPPROTO_UDP:
if (hdr.caplen < offset + sizeof(struct udphdr))
continue;
udph = (struct udphdr *)(pkt + offset);
src_port = ntohs(udph->uh_sport);
dst_port = ntohs(udph->uh_dport);
break;
default:
src_port = 0;
dst_port = 0;
break;
}

// Search for the ip_pair of specific four-tuple
Expand Down

0 comments on commit 5435c7a

Please sign in to comment.