Wireshark

  • Riverbed Technology
  • WinPcap
the world's foremost network protocol analyzer
  • Wireshark
    • About
    • Download
    • Blog
  • Get Help
    • Ask a Question
    • FAQs
    • Documentation
    • Mailing Lists
    • Online Tools
    • Wiki
    • Bug Tracker
  • Develop
    • Get Involved
    • Developer's Guide
    • Browse the Code
    • Latest Builds

Wireshark-dev: [Wireshark-dev] sniffing a device with wireshark on linux

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next


From: marty <leisner@xxxxxxxxxxxxxxxx>
Date: Sat, 5 May 2007 00:12:10 -0400

I got new copies of linux (2.6.21.1), wireshark and libpcap.

I'm getting lots of "packets truncated" in the usb protocol...I thought with the binary protcol 
it doesn't have that problem...

Also I put it into strace -- if we're sniffing usb2 -- why are we opening usbmon1-4?


From strace:
pen("/proc/bus/usb", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 8
open("/dev/usbmon4", O_RDONLY)          = 9
open("/dev/usbmon3", O_RDONLY)          = 9
open("/dev/usbmon2", O_RDONLY)          = 9
open("/dev/usbmon1", O_RDONLY)          = 9
open("/proc/bus/usb", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 8
open("/dev/usbmon4", O_RDONLY)          = 9
open("/dev/usbmon3", O_RDONLY)          = 9
open("/dev/usbmon2", O_RDONLY)          = 9
open("/dev/usbmon1", O_RDONLY)          = 9
open("/proc/bus/usb", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 8
open("/dev/usbmon4", O_RDONLY)          = 9
open("/dev/usbmon3", O_RDONLY)          = 9
open("/dev/usbmon2", O_RDONLY)          = 9
open("/dev/usbmon1", O_RDONLY)          = 9
--- SIGCHLD (Child exited) @ 0 (0) ---
open("/proc/bus/usb", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 8
open("/dev/usbmon4", O_RDONLY)          = 9
open("/dev/usbmon3", O_RDONLY)          = 9
open("/dev/usbmon2", O_RDONLY)          = 9
open("/dev/usbmon1", O_RDONLY)          = 9
open("/opt/kde3/share/icons/default.kde/22x22/actions/filesave.png", O_RDONLY|O_LARGEFILE) = 6
open("/root/.icons/crystalwhite/cursors/xterm", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/root/.icons/crystalwhite/index.theme", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/icons/crystalwhite/cursors/xterm", O_RDONLY) = 6
open("/root/.icons/crystalwhite/cursors/xterm", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/root/.icons/crystalwhite/index.theme", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/icons/crystalwhite/cursors/xterm", O_RDONLY) = 6
open("/root/.icons/crystalwhite/cursors/xterm", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/root/.icons/crystalwhite/index.theme", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/icons/crystalwhite/cursors/xterm", O_RDONLY) = 6

marty
  • Follow-Ups:
    • Re: [Wireshark-dev] sniffing a device with wireshark on linux
      • From: Paolo Abeni
  • Prev by Date: [Wireshark-dev] Makefile nits
  • Next by Date: Re: [Wireshark-dev] [Wireshark-commits] rev 21669: /trunk/epan/dissectors/ /trunk/epan/dissectors/: packet-dcerpc-winreg.c /trunk/epan/dissectors/pidl/: winreg.cnf
  • Previous by thread: [Wireshark-dev] Makefile nits
  • Next by thread: Re: [Wireshark-dev] sniffing a device with wireshark on linux
  • Index(es):
    • Date
    • Thread

Wireshark and the "fin" logo are registered trademarks of the Wireshark Foundation