From owner-freebsd-security  Tue Feb  2 13:37:31 1999
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id NAA07906
          for freebsd-security-outgoing; Tue, 2 Feb 1999 13:37:31 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: (from jmb@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id NAA07900;
          Tue, 2 Feb 1999 13:37:28 -0800 (PST)
          (envelope-from jmb)
Date: Tue, 2 Feb 1999 13:37:28 -0800 (PST)
Message-Id: <199902022137.NAA07900@hub.freebsd.org>
From: "Jonathan M. Bresler" <jmb@FreeBSD.ORG>
To: woodford@cc181716-a.hwrd1.md.home.com
CC: security@FreeBSD.ORG
In-reply-to: <19990202153458.A1152@cc181716-a.hwrd1.md.home.com> (message from
	Bill Woodford on Tue, 2 Feb 1999 15:34:58 -0500)
Subject: Re: tcpdump
References:  <19990202153458.A1152@cc181716-a.hwrd1.md.home.com>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> Date: Tue, 2 Feb 1999 15:34:58 -0500
> From: Bill Woodford <woodford@cc181716-a.hwrd1.md.home.com>
> Content-Type: text/plain; charset=us-ascii
> Sender: owner-freebsd-security@FreeBSD.ORG
> X-Loop: FreeBSD.org
> 
> Forgive my ignorance, but I built tcpdump (3.4a3) and libcap (0.4a1) and
> it built beautifully.  I read the docs, and that mentioned a few things to
> watch out for.  However, when I run tcpdump (as root), it gives me:
> 
> tcpdump: /dev/bpf0: Device not configured
> 
> I did a little reading, and realize it's possible that my NIC may not
> support it (it's a 3com 3c509 combo), but how would one tell.  Can anyone
> enlighten me as to the true nature of this error?  Im running natd/ipfw,
> would that interfere with the functioning of tcpdump?  Any help would be
> appreciated.  Thanks.

  you must create a kernel with bpf support.  the line to add to your
  kernel configuration file is "pseudo-device bpfilter 4".  that would
  give you a kernel that can support 4 devices in promiscious mode.
  (id you dont know how to create a kernel, take a look in the
  handbook /usr/share/doc/handbook/*html or www.freebsd.org).

  you need to create the device files for /dev/bpf1, /dev/bnpf2, and
  /dev/bpf3.  cd over to /dev and run "sh MAKEDEV bpf3".

jmb

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message