50 lines
1.6 KiB
Plaintext
50 lines
1.6 KiB
Plaintext
|
The following instructions are applicable to Tru64 UNIX
|
||
|
(formerly Digital UNIX (formerly DEC OSF/1)) version 4.0, and
|
||
|
probably to later versions as well; at least some options apply to
|
||
|
Digital UNIX 3.2 - perhaps all do.
|
||
|
|
||
|
In order to use kernel packet filtering on this system, you have
|
||
|
to configure it in such a way:
|
||
|
|
||
|
Kernel configuration
|
||
|
--------------------
|
||
|
|
||
|
The packet filtering kernel option must be enabled at kernel
|
||
|
installation. If it was not the case, you can rebuild the kernel with
|
||
|
"doconfig -c" after adding the following line in the kernel
|
||
|
configuration file (/sys/conf/<HOSTNAME>):
|
||
|
|
||
|
option PACKETFILTER
|
||
|
|
||
|
or use "doconfig" without any arguments to add the packet filter driver
|
||
|
option via the kernel option menu (see the system administration
|
||
|
documentation for information on how to do this).
|
||
|
|
||
|
Device configuration
|
||
|
--------------------
|
||
|
|
||
|
Devices used for packet filtering must be created thanks to
|
||
|
the following command (executed in the /dev directory):
|
||
|
|
||
|
./MAKEDEV pfilt
|
||
|
|
||
|
Interface configuration
|
||
|
-----------------------
|
||
|
|
||
|
In order to capture all packets on a network, you may want to allow
|
||
|
applications to put the interface on that network into "local copy"
|
||
|
mode, so that tcpdump can see packets sent by the host on which it's
|
||
|
running as well as packets received by that host, and to put the
|
||
|
interface into "promiscuous" mode, so that tcpdump can see packets on
|
||
|
the network segment not sent to the host on which it's running, by using
|
||
|
the pfconfig(1) command:
|
||
|
|
||
|
pfconfig +c +p <network_device>
|
||
|
|
||
|
or allow application to put any interface into "local copy" or
|
||
|
"promiscuous" mode by using the command:
|
||
|
|
||
|
pfconfig +c +p -a
|
||
|
|
||
|
Note: all instructions given require root privileges.
|