Ethereal-users: Re: [Ethereal-users] Has anybody got the solution to AIX libpcap problem?

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: "Anand B" <anand@xxxxxxxxxxx>
Date: Sat, 25 May 2002 08:31:18 +0800
I believe I know something about this problem. Yesterday I noticed that
tcpdump and ethereal were not working giving me exactly the same error "do
not specify an existing file" and tried to figure out what the difference
was. I could get tcpdump to work by removing the "ethereal" directory under
/usr/local/lib, where some libraries are created when you build ethereal,
( make install ) although I am not quite sure if this is the exact solution
to the problem. Iam planning to work on it on Monday, as i dont want to
spoil my friday evening.


----- Original Message -----
From: "Guy Harris" <guy@xxxxxxxxxx>
To: "Anand B" <anand@xxxxxxxxxxx>
Cc: <ethereal-users@xxxxxxxxxxxx>
Sent: Thursday, May 23, 2002 2:45 AM
Subject: Re: [Ethereal-users] Has anybody got the solution to AIX libpcap
problem?


> On Wed, May 22, 2002 at 10:40:25PM +0800, Anand B wrote:
> > Excellent!! It worked !! I downloaded libpcap 0.7.1 source; built it
with
> > bpf and then built ethereal 0.9.4 using libpcap 0.7.1 and hurray -
ethereal
> > can capture outgoing packets as well.
>
> Cool.
>
> Unfortunately, the other guy who had problems with outgoing packets on
> AIX 4.3.3 when using libpcap-with-DLPI, Luke McKenna, reported, when
> *he* tried libpcap-with-BPF:
>
> Ok, I've done that.
> But now I cannot get tcpdump/ethereal to run.
>
> with tcpdump when I try
> "tcpdump -i en0", I get:
>
> "tcpdump: BIOCSETIF: en0: File exists"
>
> which looked similar to a problem somebody had with *AIX's* tcpdump
> (presumably using IBM's own code to use BPF):
>
> http://www.ethereal.com/lists/ethereal-dev/199911/msg00171.html
>
> where it printed
>
> # tcpdump
> tcpdump: BIOCSETIF: en0: Do not specify an existing file.
>
> (which looks as if it's a fancier version of "File exists"; perhaps
> AIX's tcpdump sets the locale, and in the C locale the error for EEXIST
> is "File exists" while in various en_{pick your country that speaks some
> derivative of the Queen's English} locales it's "Do not specify an
> existing file").
>
> When Luke tried AIX's tcpdump, it wasn't all that great either:
>
> With the tcpdump that comes with aix I just typed "tcpdump"
> and it started going (but only seeing incoming packets).
>
> so perhaps one of the problems is that AIX's BPF sometimes just acts
> strangely.  (Perhaps EEXIST means somebody else has already started
> sniffing on that device, although BSD's BPF appears not to have a
> problem with multiple processes snooping on the same network device, and
> EBUSY would have been the right error to return even if AIX's internals
> make it impossible to have multiple processes snooping on the same
> network device.)
>