From owner-freebsd-questions Wed Oct 25 6:43:52 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from rworld.org (unknown [208.25.92.100]) by hub.freebsd.org (Postfix) with ESMTP id 7845B37B4C5 for ; Wed, 25 Oct 2000 06:43:50 -0700 (PDT)
Received: (from r3mdh@localhost) by rworld.org (8.9.3/8.9.3) id GAA94634 for freebsd-questions@freebsd.org; Wed, 25 Oct 2000 06:54:27 -0700 (PDT) (envelope-from r3mdh)
Date: Wed, 25 Oct 2000 06:54:27 -0700
From: "Michael D. Harlan"
To: freebsd-questions@freebsd.org
Subject: Sniffit 0.3.7b
Message-ID: <20001025065427.A94540@rworld.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.95.6i
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Hi all,

As in the past, I have saved this mailing list as a last resort for solving problems.

I have the following package installed on my FreeBSD 4.1 box:

sniffit-0.3.7b A packet sniffer program. For educational use

I have the required SysV options compiled into my kernel as well as two (2) bpf devices:

options SYSVSHM #SYSV-style shared memory
options SYSVMSG #SYSV-style message queues
options SYSVSEM #SYSV-style semaphores
pseudo-device bpf 2 #Berkeley packet filter

I have two network interfaces: fxp0 (internal/private) and de0 (external/public). I have a lot of traffic generated on my external interface. During one of those times of high-traffic (a cvsup run, for example), I issued the following command:

sniffit -F de0 -I

and get the following output:

Forcing device to de0 (user requested)...
Make sure you have read the docs carefully.
Supported Network device found. (de0)
Entering Shared memory at 0x30048000
Shared 37108 ...
mqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqj
lqqSniffit 0.3.7 Betaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk
x Source IP : All Source PORT : All x
x Destination IP: All Destination PORT: All x
mqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqj

The problem I'm having is that NOTHING is showing up, despite the fact that I have a ton of traffic coming in for a long duration.

Am I missing something obvious or ... ?

As always, I appreciate all of your help and patience.

--
Mike Harlan (r3mdh@rworld.org)
http://www.rworld.org/~r3mdh/
http://www.rworld.org/
http://www.usml.org/
http://browns.rworld.org/