On Mon, May 05, 2003 at 04:06:35PM -0400, BONUCHI, MICHAEL ROGER (SBCSI) wrote:
> We're running Ethereal 0811 on AIX 4.3, on 2 different machines.
> Neither Ethereal installation can see anything but incoming traffic. Never
> is any outgoing traffic seen. Any suggestions as to what we did wrong or
> patches needed?
Patches to Ethereal are unlikely to make a difference - Ethereal doesn't
contain code to do the low-level work of capturing packets, it contains
code to call libpcap/WinPcap library routines to do that low-level work.
The current CVS version of libpcap, when configured to use BPF rather
than DLPI (BPF is the default in the current version), might work better
than older versions (regardless of whether the older versions use BPF or
DLPI); get the current CVS version from
http://www.tcpdump.org/
Look for "Current Tar files".
That might, as per the messages Martin Regner cited, solve your problem
- or, at least, alleviate it; some problems might simply be due to AIX's
BPF and DLPI both having problems, and there are limitations on what
libpcap can do to deal with problems in the underlying OS packet capture
mechanism it uses.