Tcpdump interfaces
-
Hi,
Would it be possible having a tcpdump version so we can specify "any" as interface? It comes handy sometimes…
Latest pfsense:
[2.3.2-RELEASE][root@xxxxxx.xxx.xxx]/root: tcpdump –version
tcpdump: illegal option -- -
tcpdump version 4.4.0
libpcap version 1.4.0
[2.3.2-RELEASE][root@xxxxxx.xxx.xxx]/root: tcpdump -i any icmp
tcpdump: any: No such device existsagainst
$ tcpdump –version
tcpdump version 4.7.4
libpcap version 1.7.4
OpenSSL 1.0.2g 1 Mar 2016$ sudo tcpdump -i any icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytesThanks,
Rubén.
+ -
It's a limitation of tcpdump on FreeBSD, nothing we can do about that.
Even on FreeBSD 11 with the latest tcpdump it does not work.
root@doctor:~ # /usr/local/sbin/tcpdump -i any tcpdump: any: No such device exists (BIOCSETIF failed: Device not configured) root@doctor:~ # /usr/local/sbin/tcpdump --version tcpdump version 4.8.0 libpcap version 1.8.0 OpenSSL 1.0.2j-freebsd 26 Sep 2016 root@doctor:~ # uname -a FreeBSD doctor.dw.example.com 11.0-RELEASE-p1 FreeBSD 11.0-RELEASE-p1 #0 r306420: Thu Sep 29 01:43:23 UTC 2016 root@releng2.nyi.freebsd.org:/usr/obj/usr/src/sys/GENERIC amd64