tcpdump mailing list archives

Re: libpcap: patches required for OpenSolaris/SXCE

From: Darren Reed <Darren.Reed () Sun COM>
Date: Wed, 02 Dec 2009 13:18:06 +1100

Guy Harris wrote:


On Dec 1, 2009, at 4:10 PM, Darren Reed wrote:

Use of libdladm is going to be required.


Required for what?  Enumerating capture interfaces?


On Solaris, yes. This is a [Open]Solaris problem because libdladm is
not yet in a state suitable for use by tcpdump.

libpcap uses SIOCGLIFCONF to get the list of interfaces.


...if

    1) you *don't* have getifaddrs()


Solaris does not appear to.

and

    2) you *do* have SIOCGLIFCONF


Yes, Solaris does have this *but* it returns interfaces used with IPv4.
In libpcap, the code does:

fd4 = socket(AF_INET, SOCK_GRAM, 0);
...
if (ioctl(fd4, SIOCGLIFCONF, (char *)&ifc) < 0) {

On Solaris, each network address family has its own association with
a network interface. Thus doing SIOCGLIFCONF for an AF_INET
socket can produce different results to SIOCGLIFCONF for an
AF_INET6 socket. And both AF_INET and AF_INET6 sockets
can produce a different list to the datalinks that are visible with
"dladm show-phys".

Additional fad-*.c modules can be added (on Windows, for example, ituses fad-win32.c - yes, even on Win64 :-)).
What would the appropriate APIs be on (various versions of) Solarisfor enumerating interfaces and, if available, getting network addresses?


At present, SIOCGLIFCONF is the only option and the [Open]Solaris
networking folks need to come up with a new interface for libpcap to
use here. I suspect it will be a union of SIOCGLIFCONF plus something
else because of IPNET.

Looking at tcpdump, pcap_lookupnet() should only be called fromtcpdump.cif fflag is true because the returned values of localnet and netmaskare ignored
by init_addrtoname if fflag is not true.
localnet is unused if fflag is false; however, netmask is used bypcap_compile() for the "ip broadcast" filter even if fflag is false.


I was afraid of something like that.
Oh well.

I think I would still advocate that pcap_lookupnet() should be fatal if"-f" is present, though :)


Darren

-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.

Current thread:

Re: libpcap: patches required for OpenSolaris/SXCE build >= 125, (continued)
- Re: libpcap: patches required for OpenSolaris/SXCE build >= 125 Guy Harris (Nov 25)
  - Re: libpcap: patches required for OpenSolaris/SXCE build >= 125 Guy Harris (Nov 25)
    - Re: libpcap: patches required for OpenSolaris/SXCE Darren Reed (Nov 27)
    - Re: libpcap: patches required for OpenSolaris/SXCE Darren Reed (Nov 29)
    - Re: libpcap: patches required for OpenSolaris/SXCE Guy Harris (Nov 30)
    - Re: libpcap: patches required for OpenSolaris/SXCE Darren Reed (Nov 30)
    - Re: libpcap: patches required for OpenSolaris/SXCE Guy Harris (Dec 01)
    - Re: libpcap: patches required for OpenSolaris/SXCE Sebastien Roy (Dec 01)
    - Re: libpcap: patches required for OpenSolaris/SXCE Darren Reed (Dec 01)
    - Re: libpcap: patches required for OpenSolaris/SXCE Guy Harris (Dec 01)
    - Re: libpcap: patches required for OpenSolaris/SXCE Darren Reed (Dec 01)
    - Re: libpcap: patches required for OpenSolaris/SXCE Sebastien Roy (Dec 01)
    - Re: libpcap: patches required for OpenSolaris/SXCE Guy Harris (Dec 01)
    - Re: libpcap: patches required for OpenSolaris/SXCE Guy Harris (Dec 01)
    - Re: libpcap: patches required for OpenSolaris/SXCE Guy Harris (Dec 01)
    - Re: libpcap: patches required for OpenSolaris/SXCE Sebastien Roy (Dec 01)
    - Re: libpcap: patches required for OpenSolaris/SXCE Guy Harris (Dec 01)
- Re: libpcap: patches required for OpenSolaris/SXCE build >= 125 Guy Harris (Nov 25)
  - Re: libpcap: patches required for OpenSolaris/SXCE Darren Reed (Nov 27)