ports/55940: isakmpd pcap support is broken

James E. Flemer jflemer at alum.rpi.edu
Sun Aug 24 23:20:18 UTC 2003 

>Number:         55940
>Category:       ports
>Synopsis:       isakmpd pcap support is broken
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sun Aug 24 16:20:13 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator:     James E. Flemer
>Release:        FreeBSD 5.1-CURRENT i386
>Organization:
n/a
>Environment:
System: FreeBSD psi.speednaked.com 5.1-CURRENT FreeBSD 5.1-CURRENT #0: Sat Aug 16 14:04:20 EDT 2003 jflemer at psi.speednaked.com:/usr/src/sys/i386/compile/PSI i386

>Description:
	The isakmpd port comes with a pcap.h that is not compatible with
	the FreeBSD pcap.h.  As a result, the pcap file written by isakmpd
	has an incorrect 'linktype' in the header.  Thus, if one tries to
	use the pcap file with a FreeBSD tool like tcpdump, the packets are
	incorrectly (read: not at all) decoded.

>How-To-Repeat:
	Run isakmpd with -L to produce /var/run/isakmpd.pcap, then:
$ tcpdump -nvr /var/run/isakmpd.pcap 
18:34:05.281823 unknown ip 0
18:34:05.288267 unknown ip 0
18:34:05.395181 unknown ip 0
...

>Fix:
	Isakmpd should be compiled with -DHAVE_PCAP so that the FreeBSD
	system pcap.h is used, not the included pcap.h.  The existing
	files/patch-Makefile.sysdep should be replaced with the one
	below.  When compiled with HAVE_PCAP, isakmpd uses the correct
	value of DLT_LOOP (108) for the pcap header, not the wrong one
	(12), and tcpdump and ethereal both correctly read the file.

	This patch was tested only on -current, tho I believe that libpcap
	has been in FreeBSD for a very long time...

--- files/patch-Makefile.sysdep begins here ---
$FreeBSD$

--- sysdep/freebsd/Makefile.sysdep.orig	Thu Aug 29 02:39:36 2002
+++ sysdep/freebsd/Makefile.sysdep	Sun Aug 24 18:30:45 2003
@@ -42,10 +42,10 @@
 LIBSYSDEPDIR=	${.CURDIR}/sysdep/common/libsysdep
 .endif
 
-LDADD+=		-lgmp ${LIBSYSDEPDIR}/libsysdep.a -lipsec -L/usr/local/lib
+LDADD+=		${LIBSYSDEPDIR}/libsysdep.a -lipsec -L/usr/local/lib
 DPADD+=		${LIBGMP} ${LIBSYSDEPDIR}/libsysdep.a
 
-CFLAGS+=	-DHAVE_GETNAMEINFO -DHAVE_GETIFADDRS \
+CFLAGS+=	-DHAVE_GETNAMEINFO -DHAVE_GETIFADDRS -DHAVE_PCAP \
 		-I${.CURDIR}/sysdep/common -I/usr/include \
 		-I/usr/local/include -I/usr/local/include/openssl
 
--- files/patch-Makefile.sysdep ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list