Date: Tue, 28 Jul 1998 13:34:30 -0500 From: Jonathan Lemon <jlemon@americantv.com> To: Dennis <dennis@etinc.com> Cc: hackers@FreeBSD.ORG Subject: Re: TCPDUMP Message-ID: <19980728133430.54771@right.PCS> In-Reply-To: <199807281657.MAA21402@etinc.com>; from Dennis on Jul 07, 1998 at 12:55:12PM -0400 References: <199807281435.KAA20752@etinc.com> <19980727143725.A10319@oneinsane.net> <199807281435.KAA20752@etinc.com> <199807281657.MAA21402@etinc.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Jul 07, 1998 at 12:55:12PM -0400, Dennis wrote: > Does anyone who understand the bpf code have an idea why filters > (and trafshow) done work with a serial device with DLT_NULL header? > > tcpdump works fine in raw mode, but if you ad an expression it > doesnt pass the filter tests. Not sure, but you may want to look at src/contrib/libpcap/gencode.c, at the various switch statements for DLT_NULL. Perhaps the offsets are not correct the framing protocol that you are using? -- Jonathan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980728133430.54771>