Date: Tue, 2 Feb 1999 13:37:28 -0800 (PST) From: "Jonathan M. Bresler" <jmb@FreeBSD.ORG> To: woodford@cc181716-a.hwrd1.md.home.com Cc: security@FreeBSD.ORG Subject: Re: tcpdump Message-ID: <199902022137.NAA07900@hub.freebsd.org> In-Reply-To: <19990202153458.A1152@cc181716-a.hwrd1.md.home.com> (message from Bill Woodford on Tue, 2 Feb 1999 15:34:58 -0500) References: <19990202153458.A1152@cc181716-a.hwrd1.md.home.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> Date: Tue, 2 Feb 1999 15:34:58 -0500 > From: Bill Woodford <woodford@cc181716-a.hwrd1.md.home.com> > Content-Type: text/plain; charset=us-ascii > Sender: owner-freebsd-security@FreeBSD.ORG > X-Loop: FreeBSD.org > > Forgive my ignorance, but I built tcpdump (3.4a3) and libcap (0.4a1) and > it built beautifully. I read the docs, and that mentioned a few things to > watch out for. However, when I run tcpdump (as root), it gives me: > > tcpdump: /dev/bpf0: Device not configured > > I did a little reading, and realize it's possible that my NIC may not > support it (it's a 3com 3c509 combo), but how would one tell. Can anyone > enlighten me as to the true nature of this error? Im running natd/ipfw, > would that interfere with the functioning of tcpdump? Any help would be > appreciated. Thanks. you must create a kernel with bpf support. the line to add to your kernel configuration file is "pseudo-device bpfilter 4". that would give you a kernel that can support 4 devices in promiscious mode. (id you dont know how to create a kernel, take a look in the handbook /usr/share/doc/handbook/*html or www.freebsd.org). you need to create the device files for /dev/bpf1, /dev/bnpf2, and /dev/bpf3. cd over to /dev and run "sh MAKEDEV bpf3". jmb To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199902022137.NAA07900>