Date: Mon, 06 Aug 2001 15:36:27 +0200 (CEST) From: Martin.Stiemerling@ccrle.nec.de To: Henry Whincup <henry@techiebod.com> Cc: "freebsd-net@freebsd.org" <freebsd-net@FreeBSD.ORG> Subject: Re: BPF does not pick up loopback activity Message-ID: <997104987.3b6e9d5bde17f@citadel.mobility.ccrle.nec.de> In-Reply-To: <20010806140314.O37365-100000@localhost> References: <20010806140314.O37365-100000@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, to see the packets to 192.168.2.1 you have to specify the interface lo0, because it's your own address. Packets to this address aren't send to fxp0. So use: tcpdump -ni lo0 Martin > Take the following example: > # ifconfig fxp0 > fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 > inet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255 > ether 00:90:27:94:84:34 > media: Ethernet autoselect (100baseTX <full-duplex>) > status: active > # tcpdump -ni fxp0 & > # ping 192.168.2.1 > PING 192.168.2.1 (192.168.2.1): 56 data bytes > 64 bytes from 192.168.2.1: icmp_seq=0 ttl=64 time=0.059 ms > 64 bytes from 192.168.2.1: icmp_seq=1 ttl=64 time=0.057 ms > ^C > --- 192.168.2.1 ping statistics --- > 2 packets transmitted, 2 packets received, 0% packet loss > round-trip min/avg/max/stddev = 0.057/0.058/0.059/0.001 ms > # ping 192.168.2.2 > PING 192.168.2.2 (192.168.2.2): 56 data bytes > 64 bytes from 192.168.2.2: icmp_seq=0 ttl=255 time=3.134 ms > 14:33:23.291728 arp who-has 192.168.2.2 tell 192.168.2.1 > 14:33:23.293210 arp reply 192.168.2.2 is-at 0:d0:ba:a:91:c0 > 14:33:23.293227 192.168.2.1 > 192.168.2.2: icmp: echo request > 14:33:23.294782 192.168.2.2 > 192.168.2.1: icmp: echo reply > 64 bytes from 192.168.2.2: icmp_seq=1 ttl=255 time=1.408 ms > 14:33:24.297997 192.168.2.1 > 192.168.2.2: icmp: echo request > 14:33:24.299352 192.168.2.2 > 192.168.2.1: icmp: echo reply > ^C > --- 192.168.2.2 ping statistics --- > 2 packets transmitted, 2 packets received, 0% packet loss > round-trip min/avg/max/stddev = 1.408/2.271/3.134/0.863 ms > # > > Note that the packets sent to the local IP address are not picked up by > tcpdump. This can be tried with any traffic type, I have just used > ping > as an example. > > Is this the correct/desired behaviour? If it is, is there any other > way > to capture these packets? > > Thanks > > Henry > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?997104987.3b6e9d5bde17f>