From owner-freebsd-questions Thu Jun 28 4:50:46 2001 Delivered-To: freebsd-questions@freebsd.org Received: from Exchange2000.com-con.ag (exchange2000.com-con.net [212.6.164.8]) by hub.freebsd.org (Postfix) with ESMTP id E69D937B406; Thu, 28 Jun 2001 04:50:40 -0700 (PDT) (envelope-from rh@com-con.net) Content-Class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Subject: how to compile bpf... X-MimeOLE: Produced By Microsoft Exchange V6.0.4417.0 Date: Thu, 28 Jun 2001 13:50:33 +0100 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: how to compile bpf... Thread-Index: AcD/0Os8DzAqcDexTgGN2aRq1P2uNw== From: "Heimes, Rene" To: , Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I =B4m using NeTraMet Vers. 4.3 on an FreeBSD 4.2 System (i386) with libpcap-04. NeTraMet uses libpcap for monitoring and get the packets on the LAN. It could be that ethernet packets were dropped by the kernel and NeTraMet, which happens when i capture some minutes of the LAN traffic with tcpdump 3.5 . Tcpdump gives an information about how many packets were filtered and how many packet were dropped by the kernel. NeTraMet doesn=B4t do this. How could i be on the secure site, that NeTraMet get all packets. If NeTraMet droppes the packets like tcpdump what can I do. In the newsforum from NeTraMet someone says to boost the bpf buffer but he didn=B4t know how. (the counter it is referring to in /sys/net/bpf.c in the kernel.) seems to be=20 # define BPF_BUFSIZE 4096 so i have to increase this. And there for I have to recompile the c-source code, but which of the source and how. Where I have to put the binary?? Could you help me or give some hints??=20 Thanks in advance Ren=E9 Heimes To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message