Date: Fri, 10 Aug 2001 01:33:40 -0600 (CST) From: Ryan Thompson <ryan@sasknow.com> To: Wing Tim <twchim1@hotmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: Snoop configuration Message-ID: <Pine.BSF.4.21.0108100129060.56968-100000@ren.sasknow.com> In-Reply-To: <F2037EjQxzmWecm9t0C00004d1a@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Wing Tim wrote to ryan@sasknow.com: > Hi, Ryan, > But how should I enable this snoop (bpf) in the kernel? Also what steps I > need to start it? > Thanks! Hi Wing, If you're using 4.x (I believe you are), then bpf is already enabled in the kernel. You should already be able to run tcpdump as root. If the bpf devices don't already exist, run the following commands: cd /dev sh MAKEDEV bpf* If you're running a version of FreeBSD prior to 4.0, you'll need to enable the bpfilter pseudo device in the kernel. This isn't so bad. Add: pseudo-device bpfilter 4 to your kernel configuration, rebuild/install, and reboot. Again, this step only applies to older versions of FreeBSD that do not have bpf compiled in by default. - Ryan > > Regards, > Wing > > > > >From: Ryan Thompson <ryan@sasknow.com> > >To: Wing Tim <twchim1@hotmail.com> > >CC: freebsd-questions@freebsd.org > >Subject: Re: Snoop configuration > >Date: Thu, 9 Aug 2001 23:58:47 -0600 (CST) > > > >Wing Tim wrote to ryan@sasknow.com: > > > > > Hi, Ryan, > > > Thank you very much for your reply! Then can I still use the snoop > > > protocol in FreeBSD with tcpdump? That is, can I snoop data going to a > > > particular interface? > > > Thanks! > > > >Yes, but in FreeBSD, this is done with the Berkeley Packet Filter (bpf). > >See bpf(4) for a background, but, in particular, see tcpdump(1). > > > >- Ryan > > > > > > > Regards, > > > Wing -- Ryan Thompson <ryan@sasknow.com> Network Administrator, Accounts SaskNow Technologies - http://www.sasknow.com #106-380 3120 8th St E - Saskatoon, SK - S7H 0W2 Tel: 306-664-3600 Fax: 306-664-1161 Saskatoon Toll-Free: 877-727-5669 (877-SASKNOW) North America To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0108100129060.56968-100000>