tcpdump mailing list archives

Re: RE: ATM Support.?-Latest Version Checked out... Any Ideas..


From: Guy Harris <guy () alum mit edu>
Date: Wed, 3 Dec 2003 12:51:34 -0800


On Dec 3, 2003, at 11:33 AM, Black, Nathan wrote:

> I wrote a little capture routine that spits out to screen whenever a packet is received ... It receives the packets fine over Ethernet. However, I must use the atm on linux atmarpd, atmarp commands and set up the PVCs in order to get the Data. Any Ideas if I am doing something wrong.
>
> FYI. Without the atmarpd and atmarp -c atm0 I do not even have the atm interface show up as a device.

I.e., your problem is that you want to capture packets even *before* the ATM interface is connected to the Linux networking stack?

If so, then note that libpcap only supports capturing on network interfaces that are connected to the OS's networking stack, because the underlying OS mechanisms it uses use that networking stack. (BPF only attaches to ifnet devices; DLPI, the SunOS 4.x STREAMS NIT and the pre-4.x NIT, the WinPcap driver and NDIS, and the Linux packet socket mechanism all connect to drivers through networking stack mechanisms, and I would not be surprised to hear that the Irix snoop socket mechanism does so as well; I would also not be surprised if the Digital/Tru64 UNIX packetfilter mechanism does so as well).

So unless the ATM interface is connected to the networking stack, libpcap currently can't do anything with it.

*IF* the Linux ATM code provides some mechanism to grab raw ATM packets without going through a packet socket, and that works even before the ATM interface is connected to the networking stack, it *might* be possible to make libpcap support that for ATM interfaces. We'd need to know how such a mechanism works in order to implement that.

(DLPI plugs in at a lower layer, so that it is, as far as I know, available even before you have circuits set up and IP running over an ATM circuit; this should, I think, allow capturing on SunATM devices before you have IP set up. BPF should work the same way; unfortunately, it appears that Linux might not do so.)

Another possibility would be to do a "third-party" capture with a DAG card from Endace:

        http://www.endace.com/

rather than capturing on an interface on the machine running the libpcap application. The current CVS version of libpcap supports that, if you have the DAG library and configure libpcap to use it. The link-layer type it currently uses is DLT_ATM_RFC1483, which doesn't supply VPI/VCI information.

-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
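
Added example (not part of the original message and not libpcap code): a small C decoder for the RFC 1483 LLC/SNAP header that begins each DLT_ATM_RFC1483 packet. It shows that the header names the encapsulated protocol but has no field for VPI/VCI. The names rfc1483_decode and rfc1483_info are hypothetical, and the sample packet is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Encapsulations RFC 1483 defines for LLC-multiplexed AAL5 PDUs. */
enum rfc1483_kind { RFC1483_TRUNCATED, RFC1483_UNKNOWN, RFC1483_ROUTED,
                    RFC1483_ROUTED_ISO, RFC1483_BRIDGED };

/* Everything the header can tell us. There is no circuit field: the
 * VPI/VCI was in the ATM cell headers, which are not part of the packet. */
struct rfc1483_info {
    enum rfc1483_kind kind;
    uint16_t pid;        /* EtherType (routed) or 802.1 PID (bridged) */
    size_t payload_off;  /* offset of the encapsulated PDU */
};

/* Decode the header at the start of one DLT_ATM_RFC1483 packet. */
struct rfc1483_info rfc1483_decode(const uint8_t *p, size_t len)
{
    struct rfc1483_info r = { RFC1483_TRUNCATED, 0, 0 };
    if (len < 3) return r;
    if (p[0] == 0xFE && p[1] == 0xFE && p[2] == 0x03) {   /* routed ISO PDU */
        r.kind = RFC1483_ROUTED_ISO;
        r.payload_off = 3;
    } else if (p[0] != 0xAA || p[1] != 0xAA || p[2] != 0x03) {
        r.kind = RFC1483_UNKNOWN;                          /* not LLC/SNAP */
    } else if (len >= 8) {                                 /* full SNAP header */
        uint32_t oui = ((uint32_t)p[3] << 16) | ((uint32_t)p[4] << 8) | p[5];
        r.pid = (uint16_t)((p[6] << 8) | p[7]);
        r.payload_off = 8;
        r.kind = RFC1483_UNKNOWN;
        if (oui == 0x000000)
            r.kind = RFC1483_ROUTED;       /* pid is an EtherType */
        else if (oui == 0x0080C2)
            r.kind = RFC1483_BRIDGED;      /* pid is an 802.1 media type */
        if (r.kind == RFC1483_BRIDGED && (r.pid == 0x0001 || r.pid == 0x0007))
            r.payload_off = 10;            /* bridged Ethernet: 2 pad bytes */
    }
    return r;
}

int main(void)
{
    /* Constructed sample: LLC/SNAP header, then the first bytes of an IPv4 header. */
    const uint8_t pkt[] = { 0xAA,0xAA,0x03, 0x00,0x00,0x00, 0x08,0x00, 0x45,0x00 };
    struct rfc1483_info r = rfc1483_decode(pkt, sizeof pkt);
    printf("kind=%d pid=0x%04x payload_off=%zu\n", (int)r.kind, (unsigned)r.pid, r.payload_off);
    return 0;
}
```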

