@idosch
Created July 22, 2019 18:01
dropwatch and tshark example
dropwatch> set alertmode packet
Setting alert mode
Alert mode successfully set
dropwatch>
dropwatch> set trunc 64
Setting truncation length to 64
Truncation length successfully set
dropwatch>
dropwatch> show
Getting existing configuration
Alert mode: Packet
Truncation length: 64
dropwatch>
dropwatch> start
Enabling monitoring...
Kernel monitoring activated.
Issue Ctrl-C to stop monitoring
drop at br_stp_rcv+0x1ac/0x118e (0xffffffff96fc8d0c) netdev enp0s20f0 (4) timestamp Mon Jul 22 20:50:36 2019 705017383 nsec length 64 original length 119
drop at ip6_mc_input+0x8b8/0xef8 (0xffffffff96e5d8b8) netdev enp0s20f0 (4) timestamp Mon Jul 22 20:50:37 2019 120095601 nsec length 64 original length 114
Linux netlink (cooked header)
Link-layer address type: Netlink (824)
Family: Generic (0x0010)
Linux Generic Netlink protocol
Netlink message header (type: 0x0018)
Length: 192
Family ID: 0x18 (NET_DM)
Flags: 0x0000
.... .... .... ...0 = Request: 0
.... .... .... ..0. = Multipart message: 0
.... .... .... .0.. = Ack: 0
.... .... .... 0... = Echo: 0
.... .... ...0 .... = Dump inconsistent: 0
.... .... ..0. .... = Dump filtered: 0
Sequence: 0
Port ID: 0
Command: Drop alert (packet) (5)
Family Version: 2
Reserved
Linux net_dm (network drop monitor) protocol
Attribute: Drop location (PC): 0xffffffffaa057286
Len: 12
Type: 0x0002, Drop location (PC) (2)
0... .... .... .... = Nested: 0
.0.. .... .... .... = Network byte order: 0
Attribute type: Drop location (PC) (2)
Program counter: 0xffffffffaa057286
Attribute: Drop location (symbol): __netif_receive_skb_core+0xcb6/0x2830
Len: 42
Type: 0x0003, Drop location (symbol) (3)
0... .... .... .... = Nested: 0
.0.. .... .... .... = Network byte order: 0
Attribute type: Drop location (symbol) (3)
Symbol: __netif_receive_skb_core+0xcb6/0x2830
Attribute: Net device index: 9
Len: 8
Type: 0x0004, Net device index (4)
0... .... .... .... = Nested: 0
.0.. .... .... .... = Network byte order: 0
Attribute type: Net device index (4)
Net device index: 9
Attribute: Net device name: swp3
Len: 9
Type: 0x0005, Net device name (5)
0... .... .... .... = Nested: 0
.0.. .... .... .... = Network byte order: 0
Attribute type: Net device name (5)
Net device name: swp3
Attribute: Timestamp
Len: 20
Type: 0x0006, Timestamp (6)
0... .... .... .... = Nested: 0
.0.. .... .... .... = Network byte order: 0
Attribute type: Timestamp (6)
Timestamp: Jul 21, 2019 18:30:37.057724511 IDT
Attribute: Original length: 98
Len: 8
Type: 0x000a, Original length (10)
0... .... .... .... = Nested: 0
.0.. .... .... .... = Network byte order: 0
Attribute type: Original length (10)
Original length: 98
Attribute: Payload
Len: 68
Type: 0x0007, Payload (7)
0... .... .... .... = Nested: 0
.0.. .... .... .... = Network byte order: 0
Attribute type: Payload (7)
Ethernet II, Src: e4:1d:2d:a5:f3:40, Dst: 7c:fe:90:ff:27:d1
Destination: 7c:fe:90:ff:27:d1
Address: 7c:fe:90:ff:27:d1
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Source: e4:1d:2d:a5:f3:40
Address: e4:1d:2d:a5:f3:40
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 192.0.2.2, Dst: 192.0.2.1
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
Total Length: 84
[Expert Info (Error/Protocol): IPv4 total length exceeds packet length (50 bytes)]
[IPv4 total length exceeds packet length (50 bytes)]
[Severity level: Error]
[Group: Protocol]
Identification: 0xce92 (52882)
Flags: 0x4000, Don't fragment
0... .... .... .... = Reserved bit: Not set
.1.. .... .... .... = Don't fragment: Set
..0. .... .... .... = More fragments: Not set
...0 0000 0000 0000 = Fragment offset: 0
Time to live: 64
Protocol: ICMP (1)
Header checksum: 0xe812 [validation disabled]
[Header checksum status: Unverified]
Source: 192.0.2.2
Destination: 192.0.2.1
Internet Control Message Protocol
Type: 8 (Echo (ping) request)
Code: 0
Checksum: 0xea7d incorrect, should be 0x7317
[Expert Info (Warning/Checksum): Bad checksum [should be 0x7317]]
[Bad checksum [should be 0x7317]]
[Severity level: Warning]
[Group: Checksum]
[Checksum Status: Bad]
Identifier (BE): 19432 (0x4be8)
Identifier (LE): 59467 (0xe84b)
Sequence number (BE): 4612 (0x1204)
Sequence number (LE): 1042 (0x0412)
Timestamp from icmp data: Jul 21, 2019 18:30:37.000000000 IDT
[Timestamp from icmp data (relative): 0.068574000 seconds]
Data (14 bytes)