Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Read pcap data from stdin ('-'). #13

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
thanosgn wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Read pcap data from stdin ('-'). #13

thanosgn wants to merge 1 commit into from

Conversation

@thanosgn
Copy link

@thanosgn thanosgn commented May 10, 2019

Allow p0f to read pcap data from stdin.

While pcap_open_offline accepts - as a filename argument indicating a synonym for stdin, p0f checks the file using access() and fails with the following message:

cat ~/test.pcap | sudo ./p0f -r -
--- p0f 3.09b by Michal Zalewski <[email protected]> ---

[+] Closed 1 file descriptor.
[+] Loaded 322 signatures from 'p0f.fp'.
[-] SYSTEM ERROR : Can't access file '-'.
        Location : prepare_pcap(), p0f.c:472
      OS message : No such file or directory

The proposed change, also allows - as a filename, thus allowing p0f to read pcap data also from stdin.

Execution after the change:

cat ~/test.pcap | sudo ./p0f -r -
--- p0f 3.09b by Michal Zalewski <[email protected]> ---

[+] Closed 1 file descriptor.
[+] Loaded 322 signatures from 'p0f.fp'.
[+] Will read pcap data from file '-'.
[+] Default packet filtering configured [+VLAN].
[+] Processing capture data.


All done. Processed 207 packets.

@mrheinen mrheinen mentioned this pull request Apr 23, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@thanosgn