Re: [tcpdump-workers] tcpdump-workers@lists.tcpdump.org

2009-05-13 Thread Guy Harris
On May 13, 2009, at 4:41 PM, Rick wrote: AIX libpcap 9.8-2 seems to create these when it's loaded. Is there some way to configure it to create more of these ? You might have to ask IBM that. Somebody contributed to tcpdump.org's libpcap code to create those devices; that code has a #defi

[tcpdump-workers] two general questions tcpdump

2009-05-13 Thread Andrej van der Zee
Hi, I could not find any users-list for tcpdump, so I am sorry if I offend anybody. I have two questions about tcpdump: 1) I get many UDP packages that have an IP that is not bound to one of my interfaces, like this one (the local IP is 10.69.26.61.22): 1240473922.435472 00:1a:64:79:b9:4c > ff:f

[tcpdump-workers] tcpdump-workers@lists.tcpdump.org

2009-05-13 Thread Rick
Hi, Running multiple nmap executables simultaneously to cover large scopes of machines. I'm receiving after 4 instances the following error. pcap_open_live(en0, 100, 0, 200) FAILED. Reported error: (no devices found) /dev/bpf4: No such file or directory. Will wait 5 seconds then retry. pcap_op

Re: [tcpdump-workers] Problem with generation of Pcap traces for

2009-05-13 Thread Johan Mazel
Hi, First of all, thanks for the answer. > Umm, why are you calling pcap_create() twice? pcap_dump_open() creates the > dump file for you; it does require a pcap_t as an argument, but that doesn't > mean "just randomly open a pcap_t", it means "the packets you're writing are > presumably coming f

Re: [tcpdump-workers] Radio tap headers (DLT 127)

2009-05-13 Thread Guy Harris
On May 13, 2009, at 3:04 PM, Eddie Harari wrote: Byte 1 is version byte 2 is pad and byte 3-4 is length of radiotap in bytes right ? Right. does this info sit in offset 0 of the data i get when i am sniffing ? At offset 0 of the data you get from libpcap is the version byte. At offset 1

Re: [tcpdump-workers] Radio tap headers (DLT 127)

2009-05-13 Thread Eddie Harari
Problem solved (passed wrong parameter to my parser ...). On Wed, May 13, 2009 at 6:00 PM, David Young wrote: > On Wed, May 13, 2009 at 05:49:32PM -0400, Eddie Harari wrote: > > Hello , > > > > I am sniffing packets and my nic is on monitor mode, > > the DLT type i get from pcap is 127 whi

Re: [tcpdump-workers] Radio tap headers (DLT 127)

2009-05-13 Thread Eddie Harari
Byte 1 is version, byte 2 is pad and bytes 3-4 are the length of radiotap in bytes, right? Does this info sit at offset 0 of the data I get when I am sniffing? Because the first byte I get has value 84, and from what I understand it should have been 0. And the length I get is 40,000 and changing ... any

Re: [tcpdump-workers] Radio tap headers (DLT 127)

2009-05-13 Thread David Young
On Wed, May 13, 2009 at 05:49:32PM -0400, Eddie Harari wrote: > Hello , > > I am sniffing packets and my nic is on monitor mode, > the DLT type i get from pcap is 127 which is RADIOTAP header... > > from what i understood byte 3 on the header contains the length of the > radiotap informatio

[tcpdump-workers] Radio tap headers (DLT 127)

2009-05-13 Thread Eddie Harari
Hello, I am sniffing packets and my NIC is in monitor mode; the DLT type I get from pcap is 127, which is the RADIOTAP header... From what I understood, byte 3 of the header contains the length of the radiotap information preceding the 802.11 frame, and the 2 bytes prior to byte 3 should be set to

Re: [tcpdump-workers] Problem with generation of Pcap traces for Wireshark through Libpcap

2009-05-13 Thread Guy Harris
On May 13, 2009, at 11:38 AM, Johan Mazel wrote: My program works like this: - I initialize my capture process on my network interface (eth0) through these 2 functions: pcap_create, pcap_activate (I also use some functions like pcap_set_timeout, pcap_set_direction, but this is not really

[tcpdump-workers] Problem with generation of Pcap traces for Wireshark through Libpcap

2009-05-13 Thread Johan Mazel
Hi I'm trying to use libpcap to generate some packets traces. I want these traces to be fully usable in Wireshark. Unfortunately my traces are not fully usable by Wireshark, i.e.: Wireshark cannot recognize each protocol inside. I tried to find a reason for this phenomenon and I think I found it.

[tcpdump-workers] Request for DLT value

2009-05-13 Thread Tobias Witek
Hi, my apologies for resending this request, but I fear that my first mail might have been overlooked, or else I did not provide all information that was required. We have developed a protocol called 'Metadata' for a commercially available 3G mobile network monitoring system which is part of a pr