Re: Hardware mac address with pcap/winpcap

["Gianluca Varenni" <gianluca.varenni () cacetech com>]

I checked, and none of them (AF_LINK, PF_PACKET, sockaddr_ll) is defined in 
the windows include files. Same for the Cygwin include files.

GV

----- Original Message ----- 
From: "Guy Harris" <guy () alum mit edu>
To: <tcpdump-workers () lists tcpdump org>
Sent: Wednesday, March 04, 2009 10:21 AM
Subject: Re: [tcpdump-workers] Hardware mac address with pcap/winpcap


> On Mar 4, 2009, at 9:19 AM, Gianluca Varenni wrote:
>
> > In the case of Windows/WinPcap, we have an internal Packet API to  get 
> > the MAC address, the main problem is exposing such MAC address  at the 
> > pcap API level. I actually didn't know that findalldevs was  returning 
> > the MAC address on (some flavors of?) linux. What is the  sa_family in 
> > that case?
>
> PF_PACKET, it appears; I suspect that means the address is a  sockaddr_ll.
>
> It's AF_LINK on Mac OS X and, probably, *BSD; the address is some  other 
> sockaddr structure, different from a sockaddr_ll.
>
> On Solaris, the MAC address isn't returned by the API libpcap uses for 
> pcap_findalldevs(); you need to use DLPI interfaces to get the MAC 
> address.
> -
> This is the tcpdump-workers list.
> Visit https://cod.sandelman.ca/ to unsubscribe. 

-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.