[Click] info on DATA field of InfiniteSource

Luca Costantino luca.costantino at gmail.com
Mon Oct 3 13:28:21 EDT 2011 

thanks!

2011/10/3 Cliff Frey <cliff at meraki.com>:
> That is a pcap file header.  tcpdump behaves the same way:
> bug:~/co/gs3$ sudo tcpdump -w /tmp/foo.pcap tcp dst port 8787
> tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535
> bytes
> ^C0 packets captured
> 0 packets received by filter
> 0 packets dropped by kernel
> bug:~/co/gs3$ ls -l /tmp/foo.pcap
> -rw-r--r-- 1 root root 24 2011-10-03 09:17 /tmp/foo.pcap
> Cliff
> On Mon, Oct 3, 2011 at 6:56 AM, Luca Costantino <luca.costantino at gmail.com>
> wrote:
>>
>> 2011/9/30 Cliff Frey <cliff at meraki.com>:
>> > This works for me:
>> > click -e '
>> > InfiniteSource(DATA "packet contents here are ascii", LIMIT 1, STOP
>> > true)
>> > -> UDPIPEncap(192.168.1.2, 1000, 10.0.0.2, 2000)
>> > -> IPPrint(PAYLOAD ascii)
>> > -> Discard
>> > '
>>
>> thanks, that worked!
>>
>> i now have another question. i'm playing with REALLY simple
>> configurations, that is something like this
>>
>> InfiniteSource(DATA "Hello world", LIMIT 5, STOP true)
>>        -> UDPIPEncap(192.168.1.2, 1000, 10.0.0.2, 2000)
>>        -> ciph :: CheckIPHeader(BADSRC 192.168.1.2)
>>
>> ciph[0] -> ToDump(correct.dump, ENCAP IP)
>> ciph[1] -> ToDump(wrong.dump, ENCAP IP)
>>
>> even if there are no correct packets (all match the BADSRC rule), i
>> end up having two dump files. the wrong.dump contains (correctly) all
>> the packets (i can see that from wireshark). the correct.dump file is
>> not readable from wireshark or tcpdump, is 24 bytes long, and contains
>> the following hexadecimal code
>>
>>  D4 C3 B2 A1  02 00 04 00   00 00 00 00  00 00 00 00  D0 07 00 00  65 00
>> 00 00
>>
>>
>> why is that file created, what does that mean?
>>
>> luca
>> --
>> Chiave pubblica http://luca.costantino.googlepages.com/luca.costantino.asc
>>
>> Prima di tutto vennero a prendere gli zingari e fui contento, perché
>> rubacchiavano.
>> Poi vennero a prendere gli ebrei e stetti zitto, perché mi stavano
>> antipatici.
>> Poi vennero a prendere gli omosessuali, e fui sollevato, perché mi
>> erano fastidiosi.
>> Poi vennero a prendere i comunisti, e io non dissi niente, perché non
>> ero comunista.
>> Un giorno vennero a prendere me, e non c’era rimasto nessuno a protestare.
>> (Martin Niemöller)
>
>



-- 
Chiave pubblica http://luca.costantino.googlepages.com/luca.costantino.asc

Prima di tutto vennero a prendere gli zingari e fui contento, perché
rubacchiavano.
Poi vennero a prendere gli ebrei e stetti zitto, perché mi stavano antipatici.
Poi vennero a prendere gli omosessuali, e fui sollevato, perché mi
erano fastidiosi.
Poi vennero a prendere i comunisti, e io non dissi niente, perché non
ero comunista.
Un giorno vennero a prendere me, e non c’era rimasto nessuno a protestare.
(Martin Niemöller)

More information about the click mailing list