tcpdump mailing list archives
Re: localhost on Solaris
From: Guy Harris <guy () alum mit edu>
Date: Tue, 24 Aug 2004 00:36:00 -0700
ury segal wrote:
OK... Assuming I insist on enabling localhost sniffing on Solaris to the benerfit of all:
You might want to rephrase that as "insist on *attempting* to enable..." - there's no guarantee that you'll succeed, no matter how beneficial it'd be, as the Solaris networking code might not make it possible.
How should I approach it?How about pushing a STREAMS module on top of the TCP driver? ( Is *that* a STREAMS driver nowdays?)
I'm not sure. At one point it was, but they might have gotten rid of that with some of the work they've done to the Internet protocol stack.
If it is a STREAMS driver, and you push a module on top if it, that will, of course, only catch outgoing TCP traffic (and won't show how that traffic is divided into TCP segments). If there's a STREAMS driver for IP, that might work better, although it wouldn't necessarily see internally-generated IP traffic (e.g., ICMP) and wouldn't show IP fragmentation.
- This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
Current thread:
- localhost on Solaris ury segal (Aug 17)
- Re: localhost on Solaris Darren Reed (Aug 18)
- Re: localhost on Solaris rick jones (Aug 18)
- Re: localhost on Solaris ury segal (Aug 18)
- Re: localhost on Solaris Rick Jones (Aug 18)
- Re: localhost on Solaris ury segal (Aug 23)
- Re: localhost on Solaris Guy Harris (Aug 24)
- Re: localhost on Solaris rick jones (Aug 26)
- Re: localhost on Solaris rick jones (Aug 18)
- Re: localhost on Solaris Darren Reed (Aug 18)