RSS

tcpdumpが動かん

tcpdumpが動かん。wiresharkも動かん。

    付与されたタグ:
  • Debian

パケットキャプチャしようとしたらtcpdumpもなにもかもが動かない。

# tcpdump 
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
01:22:26.123874 7d:c0:00:00:00:00 (oui Unknown) > yy:zz:00:xx:xx:xx
(oui Unknown) Null Information, send seq 0, rcv seq 0, Flags [Command],
length 4294967282
01:22:26.123874 01:80:c2:00:00:00 (oui Unknown) Unknown SSAP 0x92 >
00:00:00:00:00:00 (oui Ethernet) STP Supervisory, Receiver Ready, rcv
seq 69, Flags [Final], length 4294967282
tcpdump: pcap_loop: corrupted frame on kernel ring mac offset 94 + caplen 168 > frame len 160
2 packets captured
3 packets received by filter
0 packets dropped by kernel
#
libpcap(Bug#517098)が原因らしい。linux-image-2.6.26-1-amd64だと駄目だとさ。686-bigmemでやったら動いた。む。