Guy Harris wrote:
sagun shakya wrote:
When the features mentioned above integrate into Solaris, an
extensible way to open DLPI links under different directories will be
required. The libdlpi(3LIB) library provides an interface that
provides an abstraction around this so that DLPI applications do not
need to know where the actual DLPI link is located in the filesystem.
Is there an error returned by dlpi_open() that means "there is no such
network device? If so, which error is it?
A bogus linkname such as "foo" returns DLPI_ELINKNAMEINVAL (invalid DLPI
linkname).
If a linkname similar to a network device like "foo2" will return
DLPI_ENOLINK (DLPI link does not exist).
Also, is there an error that means "there is such a device, but you
don't have permission to open it"?
In this case a DL_SYSERR is returned i.e EACCES ("Permission denied")
I'd like to have libpcap be able to return special error codes for
those two errors in pcap_activate(), rather than reporting a generic
error indication with a text string, so the application can more
easily determine the specific error and perhaps treat those errors
specially - those errors are usually the result of the user mistyping
a device name or running the program without sufficient privileges, so
the application might want to indicate that more clearly.
Speaking of sufficient privileges, at least when I last tried it, you
could give users other than root privileges to open DLPI devices, but
you couldn't enable promiscuous mode unless you're root - and, in
non-promiscuous mode, you couldn't see outgoing traffic (I suppose one
could argue that outgoing traffic isn't being sent to your machine, so
you shouldn't see it in non-promiscuous mode - but, if you're trying
to capture your machine's traffic, you don't have an option to do
that; NDIS in Windows has a NDIS_PACKET_TYPE_ALL_LOCAL "filter" which
lets you see both incoming and outgoing packets, as well as
NDIS_PACKET_TYPE_DIRECTED to see incoming unicast packets,
NDIS_PACKET_TYPE_MULTICAST to see incoming multicast packets the
adapter is set up to see, NDIS_PACKET_TYPE_ALL_MULTICAST to see all
incoming multicast packets, NDIS_PACKET_TYPE_BROADCAST to see all
incoming broadcast packets, and NDIS_PACKET_TYPE_PROMISCUOUS to see
all incoming packets including those not intended for the host).
If a user other than root is given privileges to open a DLPI device
(permission like net_rawaccess), the user would be able to capture
packtes in promiscuous mode.
-Sagun
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
