tcpdump mailing list archives

Previous By Date Next
Previous By Thread Next

Re: libdlpi with libpcap

From: Guy Harris <guy () alum mit edu>
Date: Sun, 06 Apr 2008 22:52:45 -0700
sagun shakya wrote:
When the features mentioned above integrate into Solaris, an extensible way to open DLPI links under different directories will be required. The libdlpi(3LIB) library provides an interface that provides an abstraction around this so that DLPI applications do not need to know where the actual DLPI link is located in the filesystem.
Is there an error returned by dlpi_open() that means "there is no such network device? If so, which error is it?
Also, is there an error that means "there is such a device, but you don't have permission to open it"?
I'd like to have libpcap be able to return special error codes for those two errors in pcap_activate(), rather than reporting a generic error indication with a text string, so the application can more easily determine the specific error and perhaps treat those errors specially - those errors are usually the result of the user mistyping a device name or running the program without sufficient privileges, so the application might want to indicate that more clearly.
Speaking of sufficient privileges, at least when I last tried it, you could give users other than root privileges to open DLPI devices, but you couldn't enable promiscuous mode unless you're root - and, in non-promiscuous mode, you couldn't see outgoing traffic (I suppose one could argue that outgoing traffic isn't being sent to your machine, so you shouldn't see it in non-promiscuous mode - but, if you're trying to capture your machine's traffic, you don't have an option to do that; NDIS in Windows has a NDIS_PACKET_TYPE_ALL_LOCAL "filter" which lets you see both incoming and outgoing packets, as well as NDIS_PACKET_TYPE_DIRECTED to see incoming unicast packets, NDIS_PACKET_TYPE_MULTICAST to see incoming multicast packets the adapter is set up to see, NDIS_PACKET_TYPE_ALL_MULTICAST to see all incoming multicast packets, NDIS_PACKET_TYPE_BROADCAST to see all incoming broadcast packets, and NDIS_PACKET_TYPE_PROMISCUOUS to see all incoming packets including those not intended for the host). 
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
Previous By Date Next
Previous By Thread Next

Current thread: