[dnscap-users] dnscap pcap_thread libpcap error - generic error
Josh Luthman
josh at imaginenetworksllc.com
Tue Apr 23 13:26:50 UTC 2019
I fixed it when I did:
-i ens32
I couldn't post before but hopefully this makes it through now.
Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373
On Tue, Apr 23, 2019 at 9:13 AM Jerry Lundström <jerry at dns-oarc.net> wrote:
> Hi Josh,
>
> On 4/16/19 9:00 PM, Josh Luthman wrote:
> > *# dnscap -g*
> > dnscap: pcap_thread libpcap error [-1]: Generic error (pcap_compile())
>
> I've just verified this on my CentOS 7.6 test platform and I think it's
> something to do with that you didn't pick interface, if I run the same
> bpf using tcpdump it gives:
>
> # tcpdump '( ( ( ( udp port 53 and udp[10] & 0x78 = 0 and ( udp[10] &
> 0x2 = 0x2 or 0x2 << (udp[11] & 0xf) & 0xffffffff != 0 ) ) ) ) )'
> tcpdump: NFLOG link-layer type filtering not implemented
>
> But everything works if I specify the interface:
>
> # ./dnscap -i ens3 -g -ddddd
> dnscap: version 1.10.0
> dnscap: msg Q.., side IR, hide .., err NYtfsxir, t 0, c 0, C 0
> dnscap: "( ( ( ( udp port 53 and udp[10] & 0x78 = 0 and ( udp[10] & 0x2
> = 0x2 or 0x2 << (udp[11] & 0xf) & 0xffffffff != 0 ) ) ) ) )"
> ^Cdnscap: signalled break
>
> Try with the interface on your system that you want to capture on.
>
> Cheers,
> Jerry
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dns-oarc.net/pipermail/dnscap-users/attachments/20190423/6b10bf45/attachment.html>
More information about the dnscap-users
mailing list