[tcpdump-workers] Pcap link type of InfiniBand
Hi, I would be happy if someone could help - Pcap link type of InfiniBand http://stackoverflow.com/questions/37936754/pcap-link-type-of-infiniband Thanks a lot, Tal ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
[tcpdump-workers] try to make tcpdump, but failed
Hello: I am try to make the tcpdump source code. first i run configure, and meet some errors in the following. i already got the libpcap,but still get some error. The attachment files are the config.log of tcpdump and libpcap. paulpeter@paulpeter-VirtualBox:~/Documents/tcpdump/tcpdump$ echo $PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin::/home/paulpeter/Documents/libpcap paulpeter@paulpeter-VirtualBox:~/Documents/tcpdump/tcpdump$ ./configure checking build system type... x86_64-unknown-linux-gnu checking host system type... x86_64-unknown-linux-gnu checking for gcc... gcc checking whether the C compiler works... yes checking for C compiler default output file name... a.out checking for suffix of executables... checking whether we are cross compiling... no checking for suffix of object files... o checking whether we are using the GNU C compiler... yes checking whether gcc accepts -g... yes checking for gcc option to accept ISO C89... none needed checking whether the compiler supports the -ffloat-store option... yes checking for inline... inline checking for __attribute__... yes checking whether __attribute__((unused)) can be used without warnings... yes checking whether __attribute__((noreturn)) can be applied to function pointers without warnings... yes checking whether __attribute__((format)) can be used without warnings... yes checking whether __attribute__((format)) can be applied to function pointers... yes checking how to run the C preprocessor... gcc -E checking for grep that handles long lines and -e... /bin/grep checking for egrep... /bin/grep -E checking for ANSI C header files... yes checking for sys/types.h... yes checking for sys/stat.h... yes checking for stdlib.h... yes checking for string.h... yes checking for memory.h... yes checking for strings.h... yes checking for inttypes.h... yes checking for stdint.h... yes checking for unistd.h... yes checking fcntl.h usability... yes checking fcntl.h presence... yes checking for fcntl.h... yes checking rpc/rpc.h usability... yes checking rpc/rpc.h presence... yes checking for rpc/rpc.h... yes checking rpc/rpcent.h usability... no checking rpc/rpcent.h presence... no checking for rpc/rpcent.h... no checking netdnet/dnetdb.h usability... no checking netdnet/dnetdb.h presence... no checking for netdnet/dnetdb.h... no checking for net/pfvar.h... no checking for netinet/if_ether.h... yes checking whether time.h and sys/time.h may both be included... yes checking smi.h usability... no checking smi.h presence... no checking for smi.h... no checking whether to enable the possibly-buggy SMB printer... yes configure: WARNING: The SMB printer may have exploitable buffer overflows!!! checking whether to drop root privileges by default... no checking whether to chroot... no checking for cap_enter... no checking for cap_rights_limit... no checking for cap_ioctls_limit... no checking for openat... yes checking whether to sandbox using capsicum... no checking for library containing gethostbyname... none required checking for library containing socket... none required checking for library containing putmsg... none required checking whether the operating system supports IPv6... yes checking ipv6 stack type... linux-glibc checking for dnet_htoa declaration in netdnet/dnetdb.h... no checking for vfprintf... yes checking for strlcat... no checking for strlcpy... no checking for strdup... yes checking for strsep... yes checking for getopt_long... yes checking for fork... yes checking for vfork... yes checking for strftime... yes checking for setlinebuf... yes checking for alarm... yes checking for vsnprintf... yes checking for snprintf... yes checking return type of signal handlers... void checking for sigaction... yes checking for library containing dnet_htoa... no checking for main in -lrpc... no checking for library containing getrpcbynumber... none required checking for local pcap library... not found checking for pcap-config... /home/paulpeter/Documents/libpcap/pcap-config checking for pcap_loop... no configure: error: Report this to tcpdump-workers@lists.tcpdump.org, and include the config.log file in your report. If you have downloaded libpcap from tcpdump.org, and built it yourself, please also include the config.log file from the libpcap source directory, the Makefile from the libpcap source directory, and the output of the make process for libpcap, as this could be a problem with the libpcap that was built, and we will not be able to determine why this is happening, and thus will not be able to fix it, without that information, as we have not been able to reproduce this problem ourselves. -- GOOD LUCK ! -- -- ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Re: [tcpdump-workers] try to make tcpdump, but failed
On Jun 24, 2016, at 9:16 PM, 冲民过人 wrote: > I am try to make the tcpdump source code. first i run configure, and meet > some errors in the following. i already got the libpcap,but still get some > error. The attachment files are the config.log of tcpdump and libpcap. Unfortunately, the attachments didn't work - the message didn't have any attachments. Could you try sending them again? ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Re: [tcpdump-workers] Pcap link type of InfiniBand
On Jun 25, 2016, at 11:20 PM, Tal Attaly wrote: > I would be happy if someone could help - Pcap link type of InfiniBand > http://stackoverflow.com/questions/37936754/pcap-link-type-of-infiniband The help that would be needed here would be code for Wireshark to interpret LINKTYPE_INFINIBAND, which, according to http://www.tcpdump.org/linktypes.html is Raw InfiniBand frames, starting with the Local Routing Header, as specified in Chapter 5 "Data packet format" of InfiniBand™ Architectural Specification Release 1.2.1 Volume 1 - General Specifications. Currently, Wireshark includes no code to process those frames, so it cannot handle LINKTYPE_INFINIBAND pcap files or packets for LINKTYPE_INFINIBAND interfaces in pcapng files. ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Re: [tcpdump-workers] Pcap link type of InfiniBand
On Jul 6, 2016, at 12:50 PM, Guy Harris wrote: > Currently, Wireshark includes no code to process those frames, so it cannot > handle LINKTYPE_INFINIBAND pcap files or packets for LINKTYPE_INFINIBAND > interfaces in pcapng files. BTW, LINKTYPE_INFINIBAND was, according to pcap/dlt.h, "Requested by Oren Kladnitsky ". Perhaps somebody at his employer has or had plans for either Wireshark or tcpdump code to handle that link-layer header type. :-) ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Re: [tcpdump-workers] Pcap link type of InfiniBand
On Jul 6, 2016, at 12:50 PM, Guy Harris wrote: > Currently, Wireshark includes no code to process those frames, so it cannot > handle LINKTYPE_INFINIBAND pcap files or packets for LINKTYPE_INFINIBAND > interfaces in pcapng files. tcpdump doesn't have any code to process them, either. The existence of a LINKTYPE_ value does not, in and of itself, indicate that any code exists, in any protocol analyzer, to handle it. ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Re: [tcpdump-workers] Pcap link type of InfiniBand
I understand that LINKTYPE_ value just saves an id for the link type, but parsing code for InfiniBand is exist in wireshark - under ERF link type (Extensible Record File), so I wonder why not using the actual link type of InfiniBand. Thanks, Tal. -Original Message- From: Guy Harris [mailto:g...@alum.mit.edu] Sent: Thursday, July 07, 2016 12:11 AM To: Tal Attaly Cc: tcpdump-workers@lists.tcpdump.org Subject: Re: [tcpdump-workers] Pcap link type of InfiniBand On Jul 6, 2016, at 12:50 PM, Guy Harris wrote: > Currently, Wireshark includes no code to process those frames, so it cannot > handle LINKTYPE_INFINIBAND pcap files or packets for LINKTYPE_INFINIBAND > interfaces in pcapng files. tcpdump doesn't have any code to process them, either. The existence of a LINKTYPE_ value does not, in and of itself, indicate that any code exists, in any protocol analyzer, to handle it. ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Re: [tcpdump-workers] Pcap link type of InfiniBand
Buy the way, for the user it looks like wireshark does support InfiniBand - View -> Internals -> Supported Protocols: IB - InfiniBand ACK Extended Transport Header infiniband.aeth Sequence of bytes Acknowledge Request infiniband.bth.a Boolean ActCountinfiniband.sminfo.actcount Unsigned integer, 4 bytes Additional Reject Information (ARI) infiniband.cm.rej.ari Sequence of bytes ... -Original Message- From: Guy Harris [mailto:g...@alum.mit.edu] Sent: Wednesday, July 06, 2016 10:51 PM To: Tal Attaly Cc: tcpdump-workers@lists.tcpdump.org Subject: Re: [tcpdump-workers] Pcap link type of InfiniBand On Jun 25, 2016, at 11:20 PM, Tal Attaly wrote: > I would be happy if someone could help - Pcap link type of InfiniBand > http://stackoverflow.com/questions/37936754/pcap-link-type-of-infiniba > nd The help that would be needed here would be code for Wireshark to interpret LINKTYPE_INFINIBAND, which, according to http://www.tcpdump.org/linktypes.html is Raw InfiniBand frames, starting with the Local Routing Header, as specified in Chapter 5 "Data packet format" of InfiniBand™ Architectural Specification Release 1.2.1 Volume 1 - General Specifications. Currently, Wireshark includes no code to process those frames, so it cannot handle LINKTYPE_INFINIBAND pcap files or packets for LINKTYPE_INFINIBAND interfaces in pcapng files. ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
