Ethereal-dev: Re: [ethereal-dev] AIX: gtk problem solved, now an ethereal problem

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Craig Rodrigues <rodrigc@xxxxxxxxxxxx>
Date: Wed, 10 Nov 1999 01:47:26 -0500
On Tue, Nov 09, 1999 at 03:45:36PM -0800, Guy Harris wrote:
> > Guy, can you give me a sample test snippet of code which
> > gets all the network interfaces on a system?
> 
> "get_interface_list()" does that with its SIOCGIFCONF call; you can rip
> all the gunk out of its loop, and just have it, say, spit out the names
> of the interfaces, one at a time.

OK, I cobbled and compiled this:
==========================================================================
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/ioctl.h>
#include <net/if.h>
 
#include <stdio.h>
 
int main(int argc, char *argv[])
{
   int fd;
   struct ifconf ifc;
   struct  ifreq *ifr, *last;
 
fd =   socket(AF_INET, SOCK_DGRAM, 0);
   ifc.ifc_len = 1024 * sizeof(struct ifreq);
   ifc.ifc_buf = (char *)malloc(ifc.ifc_len);
 
   ioctl(fd, SIOCGIFCONF, &ifc);
  ifr  = (struct ifreq *) ifc.ifc_req;
  last = (struct ifreq *) ((char *) ifr + ifc.ifc_len);
 
  while (ifr < last){
          printf("%s\n", ifr->ifr_name);
#ifdef HAVE_SA_LEN
    ifr = (struct ifreq *) ((char *) ifr + ifr->ifr_addr.sa_len + IFNAMSIZ);
#else
    ifr = (struct ifreq *) ((char *) ifr + sizeof(struct ifreq));
#endif                                
  }
 return 0;
}                                                 
==========================================================================

It worked fine with the SIOCGIFCONF ioctl(), and I was able to
list the interfaces.  I tried OSIOCGIFCONF, and that didn't actually work. :)

I then tried re-running ethereal, and stepping into it with dbx.
I stepped into pcap_open_live().  It looks like pcap_open_live() fails..
The problem was deeper inside pcap, when it tried to open the
actual device to do the packet filtering.  When I compiled
libpcap with bpf filtering, the code would fail when it tried
to open /dev/bpf0 for a read (this file exists on AIX).

I then re-compiled libpcap for dlpi, but that didn't work either. 

bpf is undocumented and unsupported under AIX.  It is only there
to support the version of tcpdump that IBM hacked.

There is another packet filtering method under AIX called pfmod.  I'm not sure
if this is similar to the pfmod man page I saw under Solaris.

Does anyone have any ideas at this point?  I might have to get some
more information from IBM.
-- 
Craig Rodrigues        
http://www.gis.net/~craigr    
rodrigc@xxxxxxxxxxxx