This problem was resolved as a Digital UNIX/Tru64 UNIX problem. The
packetfilter stuff needed to be configured.
At 01:57 AM 10/26/00 -0700, Guy Harris wrote:
>On Wed, Oct 25, 2000 at 09:06:02AM -0600, John McDermott wrote:
>> Neither message says what OS is being run, but recall that there are
>> problems with RedHat and some versions of libpcap.
>
>To which problems are you referring?
>
>There is a generic Linux problem with libpcap, mentioned in question 3.2
>in the Ethereal FAQ:
>
> Q 3.2: Under Linux, the program freezes while trying to do a
> live capture.
>
> A: If you're running version 0.8.2 or later, this problem
> shouldn't present itself.
>
> Ethereal uses the libpcap library to perform live captures. The
> stock libpcap doesn't implement a feature that returns control
> to the calling application if the network is idle. In Ethereal
> versions prior to 0.8.2, the program would freeze during
> captures as a result. 0.8.2 introduced code to work around the
> problem.
>
>but
>
> 1) that's not a problem only with Red Hat;
>
> 2) Ethereal has worked around it since 0.8.2
>
>> If you are running a
>> recent RH, be sure to get the correct libpcap from the ethereal ftp
>> site: ftp.zing.org (possibly:
>> ftp://ftp.zing.org/pub/ethereal/rpms/libpcap-0.4-16ethereal.i386.rpm
>> depending on your system).
>
>...so you don't need to get an updated libpcap to work around that
>problem, at least.
>
>There is another problem with Red Hat, which is that the RH 6.1 libpcap
>writes out files that are *not* in the standard libpcap format but that
>have the standard libpcap magic number; however
>
> 1) Ethereal doesn't use libpcap to write its capture files
>
>and
>
> 2) Ethereal doesn't use libpcap to read its capture files *and*
> the library it uses performs some unnatural acts in order to
> try to figure out which of the four count 'em four different
> flavors of libpcap format a file is in
>
>and
>
> 3) Red Hat upgraded libpcap in 6.2 to a version that writes out
> the files with a changed magic number and that can read
> standard libpcap files as well
>
>so the only problem there is that files written by Ethereal are readable
>by the standard RH 6.1 libpcap only if you choose "Red Hat Linux 6.1
>libpcap" format in the "Save As" dialog box.
>
>(Note also that the Ethereal FTP site is now "ftp.ethereal.com", not
>"ftp.zing.org".)
>
Regards
-------
Richard Sharpe, sharpe@xxxxxxxxxx
Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org)
Contributing author, SAMS Teach Yourself Samba in 24 Hours
Author, Special Edition, Using Samba
