Ubuntu
libpcap0.8 package

Bug #355613
Comment #1

Comment 1 for bug 355613

Revision history for this message

Neil Wilson (neil-aldur) wrote on 2009-04-05:

Actually it looks like it is an enumeration problem stopping wireshark getting the interfaces.

tcpdump -D shows:

root@neil-laptop:/var/log# tcpdump -D
1.eth0
2.wmaster0
3.wlan0
4.any (Pseudo-device that captures on all interfaces)
5.lo

tcpdump -i usb3 shows:

root@neil-laptop:/var/log# tcpdump -i usb3
tcpdump: Can't open USB bus file /sys/kernel/debug/usbmon/3t: Permission denied

with kern.log showing:

Apr 5 13:47:30 neil-laptop kernel: [ 3407.917155] type=1503 audit(1238935650.458:20): operation="inode_permission" requested_mask="r::" denied_mask="r::" fsuid=0 name="/dev/usbmon3" pid=5687 profile="/usr/sbin/tcpdump"
Apr 5 13:47:30 neil-laptop kernel: [ 3407.917194] type=1503 audit(1238935650.458:21): operation="inode_permission" requested_mask="r::" denied_mask="r::" fsuid=0 name="/sys/kernel/debug/usbmon/3t" pid=5687 profile="/usr/sbin/tcpdump"

So it looks like the facility is there - just not exposed in the user interface, nor allowed by the audit module.

Ubuntulibpcap0.8 package

Comment 1 for bug 355613

Ubuntu
libpcap0.8 package