Subject: Re: /dev/tap and tcpdump don't go together very well?
To: Rhialto <firstname.lastname@example.org>
From: Greg Troxel <email@example.com>
Date: 04/08/2007 09:39:01
So you have an emulator program, and it opens a /dev/tap, and
reads/writes packets and makes those appear to show up/come from the
emulated network interface on the PDP-10?
Then on the host are you bridging /dev/tap0 to a regular ethernet?
I think you are saying that if you then run 'tcpdump -i tap0' on the
host, then packets from host to emulator and emulator to host are
printed by tcpdump. But, without -p, then the packets from the host
towards the emulator are apparently not received.
I suggest adding a printf to the emulator when reading packets from the
In src/sys/dev/if_tap.c, see tap_dev_read. The call to bpf_tap looks
normal relative to other drivers.
Setting promiscuous mode will call net/if.c:ifpromisc which will call
net/if_ethersubr.c:ether_ioctl which will call tap_init.
tap_init calls tap_start, and that seems to introduce an extra wakeup
and OACTIVE flag, and that seems wrong. Try removing the tap_start call
from tap_init and rebuilding the host kernel.