tcpdump mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Warning on enabling ip6 protochain 6

From: Guy Harris <guy () alum mit edu>
Date: Thu, 4 Aug 2011 23:22:28 -0700

On Aug 4, 2011, at 10:46 PM, ramkumar.paranandi () gmail com wrote:


Is there any way other than ip6 protochain 6 to filter ipv6 traffic with extension headers and tcp ?


Other than constructing your own BPF program (which would probably look like what "ip6 protochain 6" generated, 
complete with the problematic loop) and writing your own program to capture the traffic (which it'd have to do in 
userland, for the same reason that programs that use libpcap, such as tcpdump and Wireshark, have to do it in 
userland), no.

If you want to have the filtering done in the kernel, you're out of luck; live with it being done in userland (or hack 
your kernel's BPF to have an instruction like the BSD/OS one, and either hand-construct the BPF program or hack libpcap 
to generate code using that instruction).

If you want not to see the warning message, try redirecting the standard error of the program doing the capture to 
/dev/null.-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
Previous By Date Next
Previous By Thread Next

Current thread: