blob: 7fe1ef07b5306d670ad213c0c0a1d011d5a06dc5 [file] [log] [blame] [edit]
The following instructions are applicable to Tru64 UNIX
(formerly Digital UNIX (formerly DEC OSF/1)) version 4.0, and
probably to later versions as well; at least some options apply to
Digital UNIX 3.2 - perhaps all do.
In order to use kernel packet filtering on this system, you have
to configure it in such a way:
Kernel configuration
--------------------
The packet filtering kernel option must be enabled at kernel
installation. If it was not the case, you can rebuild the kernel with
"doconfig -c" after adding the following line in the kernel
configuration file (/sys/conf/<HOSTNAME>):
option PACKETFILTER
or use "doconfig" without any arguments to add the packet filter driver
option via the kernel option menu (see the system administration
documentation for information on how to do this).
Device configuration
--------------------
Devices used for packet filtering must be created thanks to
the following command (executed in the /dev directory):
./MAKEDEV pfilt
Interface configuration
-----------------------
In order to capture all packets on a network, you may want to allow
applications to put the interface on that network into "local copy"
mode, so that tcpdump can see packets sent by the host on which it's
running as well as packets received by that host, and to put the
interface into "promiscuous" mode, so that tcpdump can see packets on
the network segment not sent to the host on which it's running, by using
the pfconfig(1) command:
pfconfig +c +p <network_device>
or allow application to put any interface into "local copy" or
"promiscuous" mode by using the command:
pfconfig +c +p -a
Note: all instructions given require root privileges.