Setting up new router/firewall and during testing had this issue:
# tcpdump -n -e -tttt -vv -i pflog0 tcpdump: (cannot open device) /dev/bpf: No such file or directory
# ls /dev/bp* crw------- 1 root wheel - 0, 84 Sep 9 20:54 /dev/bpf0 crw------- 1 root wheel - 0, 86 Sep 9 20:54 /dev/bpf1 crw------- 1 root wheel - 0, 87 Sep 9 20:54 /dev/bpf2 |
Turns out that the tcpdump package for FreeBSD 7.2 that I had installed, version 3.9.7, was the cause of the problem. Weird part is that the base tcpdump is 3.9.8 -- newer than the packaged port! Weird indeed.
Anyway, deinstalled the package and now the base tcpdump has no problem connecting to the pflog0 interface for real-time pflog examination.
# which tcpdump /usr/local/sbin/tcpdump
# pkg_deinstall tcpdump ---> Deinstalling 'tcpdump-3.9.7' [Updating the pkgdb ... (...) done]
# which tcpdump /usr/sbin/tcpdump
# tcpdump -V tcpdump version 3.9.8 libpcap version 0.9.8 Usage: tcpdump ...
# /usr/sbin/tcpdump -n -e -tttt -vv -i pflog0 tcpdump: WARNING: pflog0: no IPv4 address assigned tcpdump: listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size 96 bytes |
Live and learn...
No comments:
Post a Comment