Sh3ll
OdayForums


Server : Apache
System : Linux server1.cgrithy.com 3.10.0-1160.95.1.el7.x86_64 #1 SMP Mon Jul 24 13:59:37 UTC 2023 x86_64
User : nobody ( 99)
PHP Version : 8.1.23
Disable Function : NONE
Directory :  /usr/share/doc/wireshark-1.10.14/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : //usr/share/doc/wireshark-1.10.14/README.tru64
$Id$

The following instructions are applicable to Tru64 UNIX 
(formerly Digital UNIX (formerly DEC OSF/1)) version 4.0, and
probably to later versions as well; at least some options apply to
Digital UNIX 3.2 - perhaps all do.

In order to use kernel packet filtering on this system, you have
to configure it in such a way : 

Kernel configuration
--------------------

The packet filtering kernel option must be enabled at kernel
installation.  If it was not the case, you can rebuild the kernel with
"doconfig -c" after adding the following line in the kernel
configuration file (/sys/conf/<HOSTNAME>):

	option PACKETFILTER

or use "doconfig" without any arguments to add the packet filter driver
option via the kernel option menu (see the system administration
documentation for information on how to do this).

Device configuration
--------------------

Devices used for packet filtering must be created thanks to
the following command (executed in the /dev directory):

	./MAKEDEV pfilt

Interface configuration
-----------------------

In order to capture all packets on a network, you may want to allow
applications to put the interface on that network into "local copy"
mode, so that Wireshark can see packets sent by the host on which it's
running as well as packets received by that host, and to put the
interface into "promiscuous" mode, so that Wireshark can see packets on
the network segment not sent to the host on which it's running, by using
the pfconfig(1) command:

	pfconfig +c +p <network_device>

or allow application to put any interface into "local copy" or
"promiscuous" mode by using the command:

	pfconfig +c +p -a

Note: all instructions given require root privileges.

ZeroDay Forums Mini