Antonio I. said: > I try this: tcpdump host 192.168.2.8, my LAN IP. I get the same error > message as above. Is this the right way to do it? If so why am I getting > the "no suitable device found" message,
That depends on the OS on which you're running tcpdump and the account under which you're running it. > and what does that mean? > > Is this normal behaviour for a first-run of tcpdump? This program came > with my darwin dist OK, so the OS is Darwin/MacOS X. If you are running it as yourself, you will probably not have permission to capture packets, as you will not, by default, have permission to open the BPF devices: [localhost:/dev] % ls -l bpf* crw------- 1 root wheel 7, 0 Dec 25 14:19 bpf0 crw------- 1 root wheel 7, 1 Dec 25 14:09 bpf1 crw------- 1 root wheel 7, 2 Dec 25 14:09 bpf2 crw------- 1 root wheel 7, 3 Dec 25 14:09 bpf3 You would either have to 1) run it as root using "sudo"; 2) use "sudo" to change the ownership of the BPF devices to yourself (unfortunately, it appears that a "chown" doesn't pass through the union mount to the underlying file system, or that the system "fixes" the ownership of those devices when it boots, as when I changed it, it didn't survive a reboot). - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
