tcpdump mailing list archives
libpcap on FreeBSD with broadcom interface
From: Greg <pcap () waiting-room org>
Date: Thu, 26 Feb 2004 17:10:51 +0100
Hello I am trying to have libpcap work for a FreeBSD 4.9-STABLE on i386, but can not manage to get any packet captured... I tried by linking with the following versions : 0.8.1 from the ports 0.7 from the base system The NIC card is the "bge0" interface, aka a gigabit-ethernet card with a Broadcom chipset. It is running in 100mbps-full-duplex mode. Using the following simple program, the pcap_next() call never returns, altough it is listening on port 25 and there is a mail server running with some traffic. When running the program, the interface is getting in promiscuous mode. I'm seeking for any tip to go further on that. What i do not really understand is that tcpdump is able to capture the packets i am looking for... Thanks a lot in advance for any help Greg #include <pcap.h> #include <stdio.h> int main() { pcap_t *handle; /* Session handle */char *dev; /* The device to sniff on */
char errbuf[PCAP_ERRBUF_SIZE]; /* Error string */ struct bpf_program filter; /* The compiled filter */ char filter_app[] = "port 25"; /* The filter expression */ bpf_u_int32 mask; /* Our netmask */ bpf_u_int32 net; /* Our IP */struct pcap_pkthdr header; /* The header that pcap gives us */
const u_char *packet; /* The actual packet */ /* Define the device */ dev = pcap_lookupdev(errbuf); printf("DEV: %s\n",dev); /* Find the properties for the device */ pcap_lookupnet(dev, &net, &mask, errbuf); /* Open the session in promiscuous mode */ handle = pcap_open_live(dev, BUFSIZ, 1, 0, errbuf); /* Compile and apply the filter */ pcap_compile(handle, &filter, filter_app, 0, net); pcap_setfilter(handle, &filter); /* Grab a packet */ printf("Waiting for packet...\n"); packet = pcap_next(handle, &header); printf("Got packet !\n"); /* Print its length */ printf("Jacked a packet with length of [%d]\n", header.len); /* And close the session */ pcap_close(handle); return(0); } - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
Current thread:
- libpcap on FreeBSD with broadcom interface Greg (Feb 26)
- Re: libpcap on FreeBSD with broadcom interface Guy Harris (Mar 01)