From 1f419aeb14d7788ac46cec61c492530cb87e0ef0 Mon Sep 17 00:00:00 2001
From: guy <guy>
Date: Tue, 30 Jul 2002 07:48:20 +0000
Subject: It appears that SIOCGIFMTU returns the MTU in the sense of "maximum
 amount of payload you can put in a link-layer packet", i.e. "maximum size of
 a link-layer packet minus the link-layer header size", rather than returning
 the maximum size of a link-layer packet.

The snapshot length is the maximum amount of data to capture from the
entire packet, so it should be clipped at the MTU plus the link-layer
header, not at the MTU.
---
 pcap-snoop.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'pcap-snoop.c')

diff --git a/pcap-snoop.c b/pcap-snoop.c
index 019d84e..2d81190 100644
--- a/pcap-snoop.c
+++ b/pcap-snoop.c
@@ -20,7 +20,7 @@
  */
 #ifndef lint
 static const char rcsid[] =
-    "@(#) $Header: /tcpdump/master/libpcap/pcap-snoop.c,v 1.36 2002-07-11 09:06:43 guy Exp $ (LBL)";
+    "@(#) $Header: /tcpdump/master/libpcap/pcap-snoop.c,v 1.37 2002-07-30 07:48:20 guy Exp $ (LBL)";
 #endif
 
 #ifdef HAVE_CONFIG_H
@@ -251,8 +251,8 @@ pcap_open_live(char *device, int snaplen, int promisc, int to_ms, char *ebuf)
 #ifndef ifr_mtu
 #define ifr_mtu	ifr_metric
 #endif
-	if (snaplen > ifr.ifr_mtu)
-		snaplen = ifr.ifr_mtu;
+	if (snaplen > ifr.ifr_mtu + ll_hdrlen)
+		snaplen = ifr.ifr_mtu + ll_hdrlen;
 #endif
 
 	/*
-- 
cgit v1.2.3