I got new copies of linux (2.6.21.1), wireshark and libpcap.
I'm getting lots of "packets truncated" in the usb protocol...I thought with the binary protcol
it doesn't have that problem...
Also I put it into strace -- if we're sniffing usb2 -- why are we opening usbmon1-4?
From strace:
pen("/proc/bus/usb", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 8
open("/dev/usbmon4", O_RDONLY) = 9
open("/dev/usbmon3", O_RDONLY) = 9
open("/dev/usbmon2", O_RDONLY) = 9
open("/dev/usbmon1", O_RDONLY) = 9
open("/proc/bus/usb", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 8
open("/dev/usbmon4", O_RDONLY) = 9
open("/dev/usbmon3", O_RDONLY) = 9
open("/dev/usbmon2", O_RDONLY) = 9
open("/dev/usbmon1", O_RDONLY) = 9
open("/proc/bus/usb", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 8
open("/dev/usbmon4", O_RDONLY) = 9
open("/dev/usbmon3", O_RDONLY) = 9
open("/dev/usbmon2", O_RDONLY) = 9
open("/dev/usbmon1", O_RDONLY) = 9
--- SIGCHLD (Child exited) @ 0 (0) ---
open("/proc/bus/usb", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 8
open("/dev/usbmon4", O_RDONLY) = 9
open("/dev/usbmon3", O_RDONLY) = 9
open("/dev/usbmon2", O_RDONLY) = 9
open("/dev/usbmon1", O_RDONLY) = 9
open("/opt/kde3/share/icons/default.kde/22x22/actions/filesave.png", O_RDONLY|O_LARGEFILE) = 6
open("/root/.icons/crystalwhite/cursors/xterm", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/root/.icons/crystalwhite/index.theme", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/icons/crystalwhite/cursors/xterm", O_RDONLY) = 6
open("/root/.icons/crystalwhite/cursors/xterm", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/root/.icons/crystalwhite/index.theme", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/icons/crystalwhite/cursors/xterm", O_RDONLY) = 6
open("/root/.icons/crystalwhite/cursors/xterm", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/root/.icons/crystalwhite/index.theme", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/icons/crystalwhite/cursors/xterm", O_RDONLY) = 6
marty
