tcpdump mailing list archives
Re: Capturing external packets sent to loopback (FreeBSD) ?
From: Guy Harris via tcpdump-workers <tcpdump-workers () lists tcpdump org>
Date: Mon, 24 Feb 2020 12:53:29 -0500 (EST)
--- Begin Message --- From: Guy Harris <gharris () sonic net>
Date: Mon, 24 Feb 2020 09:54:07 -0800
On Feb 24, 2020, at 9:44 AM, Ray Bellis via tcpdump-workers <tcpdump-workers () lists tcpdump org> wrote:I never considered "any" ! But you appear to be suggesting it's not available in FreeBSD ?It's not. In Linux, packet capture is done with sockets created with a protocol family of PF_PACKET. Those sockets *can* be bound to a network interface, but if you *don't* bind the socket, it gets packets from all interfaces. That's how the "any" device is implemented. In *BSD/Darwin, packet capture is done with BPF devices (/dev/bpfN or, on systems with cloning BPF devices, a device you get from opening /dev/bpf). Those devices *must* be bound to a network interface; an unbound device won't provide any packets.
--- End Message ---
_______________________________________________ tcpdump-workers mailing list tcpdump-workers () lists tcpdump org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Current thread:
- Capturing external packets sent to loopback (FreeBSD) ? Ray Bellis via tcpdump-workers (Feb 24)
- Message not available
- Re: Capturing external packets sent to loopback (FreeBSD) ? Ray Bellis via tcpdump-workers (Feb 24)
- Re: Capturing external packets sent to loopback (FreeBSD) ? Guy Harris via tcpdump-workers (Feb 24)
- Re: Capturing external packets sent to loopback (FreeBSD) ? Ray Bellis via tcpdump-workers (Feb 24)
- Message not available
- Message not available
- Re: Capturing external packets sent to loopback (FreeBSD) ? Ray Bellis via tcpdump-workers (Feb 24)
- Re: Capturing external packets sent to loopback (FreeBSD) ? Guy Harris via tcpdump-workers (Feb 24)