tcpdump mailing list archives
Re: using TCPDump
From: "Guy Harris" <gharris () sonic net>
Date: Wed, 25 Dec 2002 11:25:11 -0800 (PST)
Antonio I. said:
I try this: tcpdump host 192.168.2.8, my LAN IP. I get the same error message as above. Is this the right way to do it? If so why am I getting the "no suitable device found" message,
That depends on the OS on which you're running tcpdump and the account under which you're running it.
and what does that mean? Is this normal behaviour for a first-run of tcpdump? This program came with my darwin dist
OK, so the OS is Darwin/MacOS X. If you are running it as yourself, you will probably not have permission to capture packets, as you will not, by default, have permission to open the BPF devices: [localhost:/dev] % ls -l bpf* crw------- 1 root wheel 7, 0 Dec 25 14:19 bpf0 crw------- 1 root wheel 7, 1 Dec 25 14:09 bpf1 crw------- 1 root wheel 7, 2 Dec 25 14:09 bpf2 crw------- 1 root wheel 7, 3 Dec 25 14:09 bpf3 You would either have to 1) run it as root using "sudo"; 2) use "sudo" to change the ownership of the BPF devices to yourself (unfortunately, it appears that a "chown" doesn't pass through the union mount to the underlying file system, or that the system "fixes" the ownership of those devices when it boots, as when I changed it, it didn't survive a reboot). - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
Current thread:
- using TCPDump Antonio I. (Dec 25)
- Re: using TCPDump Guy Harris (Dec 25)
- Re: using TCPDump Antonio I. (Dec 25)
- Re: using TCPDump Guy Harris (Dec 27)
- Re: using TCPDump Antonio I. (Dec 28)
- Re: using TCPDump Guy Harris (Dec 29)
- Re: using TCPDump Antonio I. (Dec 29)
- Re: using TCPDump Guy Harris (Dec 30)
- Re: using TCPDump Antonio I. (Dec 25)
- Re: using TCPDump Guy Harris (Dec 25)