tcpdump mailing list archives

Previous By Date Next
Previous By Thread Next

libpcap on FreeBSD with broadcom interface

From: Greg <pcap () waiting-room org>
Date: Thu, 26 Feb 2004 17:10:51 +0100
Hello

I am trying to have libpcap work for a FreeBSD 4.9-STABLE on i386,
but can not manage to get any packet captured...

I tried by linking with the following versions :
0.8.1 from the ports
0.7 from the base system

The NIC card is the "bge0" interface, aka a gigabit-ethernet card with
a Broadcom chipset. It is running in 100mbps-full-duplex mode.

Using the following simple program, the pcap_next() call never returns,
altough it is listening on port 25 and there is a mail server running
with some traffic.
When running the program, the interface is getting in promiscuous mode.

I'm seeking for any tip to go further on that.
What i do not really understand is that tcpdump is able to capture
the packets i am looking for...

Thanks a lot in advance for any help

Greg



    #include <pcap.h>
    #include <stdio.h>
    int main()
    {
        pcap_t *handle;                        /* Session handle */
char *dev; /* The device to sniff on */ 
        char errbuf[PCAP_ERRBUF_SIZE]; /* Error string */
        struct bpf_program filter;            /* The compiled filter */
        char filter_app[] = "port 25";       /* The filter expression */
        bpf_u_int32 mask;                     /* Our netmask */
        bpf_u_int32 net;                        /* Our IP */
struct pcap_pkthdr header; /* The header that pcap gives us */ 
        const u_char *packet;                 /* The actual packet */
        /* Define the device */
        dev = pcap_lookupdev(errbuf);
printf("DEV: %s\n",dev);
        /* Find the properties for the device */
        pcap_lookupnet(dev, &net, &mask, errbuf);
        /* Open the session in promiscuous mode */
        handle = pcap_open_live(dev, BUFSIZ, 1, 0, errbuf);
        /* Compile and apply the filter */
        pcap_compile(handle, &filter, filter_app, 0, net);
        pcap_setfilter(handle, &filter);
        /* Grab a packet */
printf("Waiting for packet...\n");
        packet = pcap_next(handle, &header);
printf("Got packet !\n");
        /* Print its length */
        printf("Jacked a packet with length of [%d]\n", header.len);
        /* And close the session */
        pcap_close(handle);
        return(0);
    }
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: