Cope with fragmented UDP packets.

Fixes #275. Use this as the systemd unit file to run as a service: [Unit] Description=Dougal Network Packet Capture After=network.target remote-fs.target nss-lookup.target [Service] ExecStart=/srv/dougal/software/sbin/packet-capture.sh ExecStop=/bin/kill -s QUIT $MAINPID Restart=always User=root Group=users Environment=PATH=/usr/bin:/usr/sbin:/usr/local/bin Environment=INS_HOST=172.31.10.254 WorkingDirectory=/srv/dougal/software/var/ SyslogIdentifier=dougal.pcap [Install] WantedBy=multi-user.target
2025-12-06 10:37:07 +00:00 · 2023-09-29 15:28:11 +02:00
parent 0829ea3ea1
commit 17f20535cb
1 changed files with 6 additions and 1 deletions
--- a/sbin/packet-capture.sh
+++ b/sbin/packet-capture.sh
@@ -16,7 +16,12 @@ OUTPATH="$OUTDIR/$OUTNAME"
 # 30000/UDP: Navigation system headers
 # Not all inputs will be present in all systems.
 #
-EXPR="udp and (port 4461 or port 4462 or port 30000)"
+# NOTE: $INS_HOST must be defined and point to the
+# navigation server. The reason we don't use a port
+# filter for this data is because that doesn't work
+# with fragmented UDP packets.
+#
+EXPR="udp and (port 4461 or port 4462 or src host $INS_HOST)"

 if [[ ! -d "$OUTDIR" ]]; then
    mkdir "$OUTDIR"