From owner-freebsd-questions Mon Sep 15 18:43:13 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id SAA11637 for questions-outgoing; Mon, 15 Sep 1997 18:43:13 -0700 (PDT) Received: from DonaldBurr.dyn.ml.org (pm1-33.sba1.avtel.net [207.71.218.97]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id SAA11626; Mon, 15 Sep 1997 18:43:06 -0700 (PDT) Received: (from dburr@localhost) by DonaldBurr.dyn.ml.org (8.8.5/8.8.5) id SAA16575; Mon, 15 Sep 1997 18:44:29 -0700 (PDT) Message-ID: X-Mailer: XFMail 1.1 [p0] on FreeBSD Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: <199709151801.LAA13463@hub.freebsd.org> Date: Mon, 15 Sep 1997 18:41:30 -0700 (PDT) Organization: Starfleet Command From: Donald Burr To: questions@FreeBSD.ORG Subject: RE: questions-digest V3 #417 Cc: freebsd-questions-digest@FreeBSD.ORG, psd@nev.ml.org Sender: owner-freebsd-questions@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk -----BEGIN PGP SIGNED MESSAGE----- My secret spy satellite informs me that on 15-Sep-97, owner-questions-digest@FreeBSD.ORG wrote: >From: Paul Dekkers >Date: Mon, 15 Sep 1997 17:39:12 +0200 (MET DST) >Subject: sniffit for freebsd? > >Hi > >Is there something like sniffit (for linux) under freebsd, so that I can >view the data over an interface? >(And/or something like tcpdump) Yes. >And what's its name? Its name is tcpdump. :) Be sure your compile in support for the Berkeley packet Filter (BPF) in your kernel. If you haven't compiled your own kernel yet, I suggest you execute the following steps: % cd /sys/i386/conf % cp LINT MYKERNEL % vi MYKERNEL (or emacs, or whatever) % config MYKERNEL % cd ../../compile/MYKERNEL % make depend % make all % make install Be sure to read through the MYKERNEL file very carefully, and enable support for thed devices you want, and disable support for those you don't. The line to enable BPF is: (Be sure this line is enabled!) pseudo-device bpf where is the number of interfaces you want to snoop on (be sure to include PPP/PLIP/SLIP/tun links, if you are using them!) Donald Burr - Ask me for my PGP key | PGP: Your WWW HomePage: http://DonaldBurr.base.org/ ICQ #1347455 | right to Address: P.O. Box 91212, Santa Barbara, CA 93190-1212 | 'Net privacy. Phone: (805) 957-9666 FAX: (800) 492-5954 | USE IT. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBNB3ke/jpixuAwagxAQFRXQQAhNTb0ZMRb43m2ekte4a/3ZC4NtQZyN1R UjLWePpoBg9rTtoYyjyFS7KtUSyz1HkvGozGwhfxFHY7eCA7FCfPZZPi67OnF5P5 4w0mw0c+UhZ3Qjk5p8hAEHwBG3TA3vbsfgVN3SNJV/RcCz+I/1K5SIg0wjhCnGxP fsecEpyr9Pg= =28UE -----END PGP SIGNATURE-----