Wireshark-users: Re: [Wireshark-users] capturing USB data

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Mon, 30 Aug 2010 00:43:23 -0700

On Aug 29, 2010, at 8:28 PM, Thomas Epperson wrote:

> I have seen a lot of guides that managed to get USB capture by using the command: sudo mount -t usbfs /dev/bus/usb /proc/bus/usb
> However, when I try this command here is the result
> 
> mount: mount point /proc/bus/usb does not exist

Those instructions might be out of date.

> I have libpcap-1.1.1 and tcpdump-4.1.1 installed. I patched libpcap to use /dev/bus/usb instead of /proc/bus/usb,

If /sys/bus/usb/devices exists on your machine, you could have patched libpcap to use /dev/null and it probably *still* would have worked.  The only thing that libpcap 1.1.1 from tcpdump.org uses /sys/bus/usb/devices or /proc/bus/usb for is to enumerate USB devices, not to capture on a USB bus (yes, I know, "USB bus" is like "ATM machine" or "PIN number" :-)), and it checks /sys/bus/usb/devices first and only uses /proc/bus/usb if it can't open /sys/bus/usb/devices.

I presume that the /sys/bus/usb/devices support was added due to kernel changes in the USB code; the message with the patch just said "Attached is some clean up for libpcap support of usbmon on Linux." about that part of the patch.
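
The lookup order described in the message above, sketched in shell as an added example (it is not libpcap's code and not part of the original message). The function name, the optional directory arguments and the output format are assumptions, added so the logic can be run against a constructed directory tree.

```shell
#!/bin/sh
# Added example, not libpcap source: enumerate USB buses sysfs-first,
# falling back to usbfs only when the sysfs directory cannot be read.
# Defaults are the two paths named in the message; the arguments are
# hypothetical overrides for testing.

list_usb_buses() {
    sys_dir=${1:-/sys/bus/usb/devices}
    proc_dir=${2:-/proc/bus/usb}

    if [ -d "$sys_dir" ] && [ -r "$sys_dir" ]; then
        # sysfs: root hubs are named usb1, usb2, ...; entries such as
        # 1-1 or 1-0:1.0 are devices and interfaces, not buses.
        for entry in "$sys_dir"/usb*; do
            [ -e "$entry" ] || continue
            n=${entry##*/usb}
            case $n in
                ''|*[!0-9]*) continue ;;
            esac
            echo "sysfs $n"
        done
        return 0
    fi

    if [ -d "$proc_dir" ] && [ -r "$proc_dir" ]; then
        # usbfs: one zero-padded directory per bus (001, 002, ...),
        # next to non-numeric files such as "devices".
        for entry in "$proc_dir"/*; do
            name=${entry##*/}
            case $name in
                ''|*[!0-9]*) continue ;;
            esac
            n=$name
            while [ "${n#0}" != "$n" ]; do n=${n#0}; done
            [ -n "$n" ] || n=0
            echo "usbfs $n"
        done
        return 0
    fi

    return 1   # neither directory is available
}

# Stand-alone run against the real system paths (or paths given as arguments).
list_usb_buses "$@" || echo "no USB bus directory found" >&2
```

The first column of the output shows which of the two directories supplied the bus list, which is why a missing /proc/bus/usb does not matter when /sys/bus/usb/devices is present.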