Date: Sun, 9 Jul 2000 16:04:53 -0700 From: "Michael S. Fischer" <michael@dynamine.net> To: <freebsd-net@freebsd.org> Subject: bpf problem with lo0 interface Message-ID: <NEBBLEIKJJGDCCJMPEJOEECKCAAA.michael@dynamine.net>
next in thread | raw e-mail | index | archive | help
Hi there,
Running 4.0-STABLE, I seem to be having difficulty getting any of the packet
capture/analysis tools (with the exception of tcpdump, which prints the
headers correctly) to give me packet _data_ information when I sniff the lo0
interface.
Tools I've tested:
- tcpshow(1)
- tcpflow(1)
Here's an example:
# tcpdump -s 1518 -i lo0 -lenx port 143 | tcpshow -cooked -noEtherNames
tcpdump: listening on lo0
---------------------------------------------------------------------------
Packet 1
TIME: 16:03:25.186986
LINK: 64:14:25:21:.1:84 -> 0>::å¿:æ#:(L:( type=64.14.25.210.143:
<*** No decode support for encapsulated protocol ***>
---------------------------------------------------------------------------
Packet 2
TIME: 16:03:25.187048 (0.000062)
LINK: 64:14:25:21:.1:03 -> 0>:(::å::$:((:( type=64.14.25.210.1284:
<*** No decode support for encapsulated protocol ***>
... and tcpflow shows, well, nothing at all.
I am able to successfully sniff/analyze captured data using the two tools
above when using the fxp0 interface. Can someone please assist?
Thanks,
--
Michael S. Fischer <michael@dynamine.net> AKA Otterley _O_
Lead Hacketeer, Dynamine Consulting, Silicon Valley, CA |
Phone: +1 650 533 4684 | AIM: IsThisOtterley | ICQ: 4218323 |
"From the bricks of shame is built the hope"--Alan Wilder net.goth
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NEBBLEIKJJGDCCJMPEJOEECKCAAA.michael>