-
Notifications
You must be signed in to change notification settings - Fork 830
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
segmentation fault when using "-Z root" and "-w" #1103
Comments
You seem to be running Debian, which ships a patched version of tcpdump and also confines it in AppArmor by default. Some troubleshooting ideas:
|
hi, no luck, changing the filename with .pcap |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
tcpdump version 4.99.4
libpcap version 1.10.4 (with TPACKET_V3)
OpenSSL 3.1.4 24 Oct 2023
root@svr:~# uname -na
Linux svr 6.5.0-1-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.5.3-1 (2023-09-13) x86_64 GNU/Linux
with both options:
root@svr:~# tcpdump --print -Z root -A -n -i br0 net 224.1.1.1 and dst port 5556 -w /tmp/trace
Segmentation fault
only with "-w"
root@svr:~# tcpdump --print -A -n -i br0 net 224.1.1.1 and dst port 5556 -w /tmp/trace
tcpdump: listening on br0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
0 packets captured
0 packets received by filter
0 packets dropped by kernel
only with "-Z root"
root@svr:~# tcpdump --print -Z root -A -n -i br0 net 224.1.1.1 and dst port 5556
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on br0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
0 packets captured
0 packets received by filter
0 packets dropped by kernel
I have no idea how to troubleshoot this or what more information to give you...
The text was updated successfully, but these errors were encountered: