Wireshark · Wireshark-users: Re: [Wireshark-users] Playing trace/capture file in tcpreplay and reading out w/wireshark, using lo0

Wireshark-users: Re: [Wireshark-users] Playing trace/capture file in tcpreplay and reading out w/

From: Guy Harris <guy@xxxxxxxxxxxx>

Date: Wed, 20 Sep 2006 23:28:04 -0700

Netfortius wrote:

You're probably right - I do remember having been able to do something similaron Linux

Linux's loopback device has a link-layer type of Ethernet; the BSD onedoesn't.

(not with wireshark

There's nothing Wireshark-specific about this; you'd probably see thesame problem if you used tcpdump rather than Wireshark.

- but originating in tcpreplay - which defintelypoints the problem to this one), so it is probably a kernel modificationand/or libnet problem with the BSD *under* MacOSX' hood ... :(

What you need is a version of tcpreplay that will at least try totranslate Ethernet packet headers to BSD loopback packet headers; you'reunlikely ever to see a version of OS X (or any other BSD) with loopbackdevices using a link-layer type other than BPF_NULL or BPF_LOOP.

References:
- [Wireshark-users] Playing trace/capture file in tcpreplay and reading out w/wireshark, using lo0
  - From: Netfortius
- Re: [Wireshark-users] Playing trace/capture file in tcpreplay and reading out w/wireshark, using lo0
  - From: Guy Harris
- Re: [Wireshark-users] Playing trace/capture file in tcpreplay and reading out w/wireshark, using lo0
  - From: Netfortius

Prev by Date: Re: [Wireshark-users] Playing trace/capture file in tcpreplay and reading out w/wireshark, using lo0
Next by Date: Re: [Wireshark-users] Installing Wireshark in Fedora Core 5
Previous by thread: Re: [Wireshark-users] Playing trace/capture file in tcpreplay and reading out w/wireshark, using lo0
Next by thread: [Wireshark-users] Playing trace/capture file in tcpreplay and reading out w/wireshark, using lo0
Index(es):
- Date
- Thread