Date: Sat, 12 Dec 1998 01:24:00 -0600 From: "Singh, Hardeep IN" <singhh@delpo1.in.unisys.com> To: FreeBSD <freebsd-questions@FreeBSD.ORG> Subject: Tcpdump strange problem Message-ID: <199812111958.TAA18221@eamail1.unisys.com>
next in thread | raw e-mail | index | archive | help
Hello Gentlemen, I want to run tcpdump on my machine to monitor traffic. I have done following things so far 1.Recompiling the Kernel with statement as pseudo-device bpfilter 4 2.All me devices(and network cards are working extremely fine) and I have DEC PCI Ethernet DECCHip adapter with corresponding entry in kernel of de0 and is working fine. 3.I have installed tcpdump and trafshow on my machine. Now when i run tcpdump or trafshow the following happens 1.All packets directed to and from my host are shown 2.All packets for broadcast and multicast are shown e.g arp request and arp replies 3.When I invoke tcpdump for viewing packets on some host celtics e.g >tcpdump -n host celtics The reply is as >>>> Dec 11 21:56:11 Myhost /kernel: de0: promiscuous mode enabled tcpdump:listening on de0 /** Only arp packets for celtics are visible **/ ^C /* Aborting operation */ 1051 packets received by filter 0 packets dropped by kernel 4.Other packets from HostA to HostB where both HostA and HostB and proper hosts are NOT visible at all despite of choosing (probably as many as possible) expressions given to tcpdump and trafshow as command line arguments. Is there some change to be made in code for getting the packets destined for other hosts to be picked up by my network card.In fact the no of packets that appear in the statement that are received by filter do seem to indicate that the kernel is getting the packets but some how it the pplication is not printing them.Please help me with it.I had given a try to FAQ,HelpBook and mail list archive but could not find my answer any where Hoping for quick and prompt reply Thanks and Regards singhh@delpo1.in.unisys.com Hardeep Singh To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199812111958.TAA18221>