Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 23 Jun 1999 10:50:40 -0400
From:      "Christopher J. Michaels" <>
To:        <>, <questions@FreeBSD.ORG>
Subject:   RE: /dev/bpf0, modload ?
Message-ID:  <000001bebd87$c2f62b20$>
In-Reply-To: <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
-----Original Message-----
From: owner-freebsd-questions@FreeBSD.ORG
[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of
Sent: Wednesday, June 23, 1999 7:06 AM
To: questions@FreeBSD.ORG
Subject: /dev/bpf0, modload ?

Trying to build a shadow intrusion detector on FreeBSD 2.2.8.

It relies upon several pieces ( )
which are libpcap, a BPF interface, and tcpdump .. WHICH
someone here prolly knows is dependent upon /dev/bpfN ..

That is good for the experienced kernel savvy folk .. but
I have to plead ignorance . . I remember that my F.BSD 2.0.5
did NOT as I got it support BPF .. so I will guess when
I ls -l /dev/bpf0 and find a device present but try to 
run tcpdump (as root ) and get a 

  tcpdump: /dev/bpf0: Device not configured

message .. I will guess I need to find some knowledgebase
docs on how to rebuild the kernel to include the /dev/bpfN ..

NOT too obvious from /sys/...conf/GENERIC and friends ...

True but if you look in /src/src/sys/i386/conf/LINT, it IS in there.
pseudo-device   bpfilter 4              #Berkeley packet filter

^^- That's all you need to add to the kernel config.

DONT suppose I can modload what I need ?


SO .. PLEASE send me to the right hacks list .. thanks 


To Unsubscribe: send mail to
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <$c2f62b20$0200000a>