skip pflog interfaces in pcap_lookupdev()

joshua stein Wed, 07 Aug 2013 23:31:14 -0700

Running tcpdump with no -i arg finds a good interface to listen on
by default on many machines, but on my laptop it finds pflog0 before
urtwn0.  Can we skip pflog interfaces like loopbacks?


I had a version that looked up the interface in the egress group but
this is much simpler since pflog0 is usually the only other up
interface that isn't important.


Index: lib/libpcap/inet.c
===================================================================
RCS file: /cvs/src/lib/libpcap/inet.c,v
retrieving revision 1.19
diff -u -p -u -p -r1.19 inet.c
--- lib/libpcap/inet.c  26 Mar 2006 20:58:50 -0000      1.19
+++ lib/libpcap/inet.c  8 Aug 2013 05:10:19 -0000
@@ -141,6 +141,8 @@ pcap_lookupdev(errbuf)
                        continue;
                if (ISLOOPBACK(ifa->ifa_name, ifa->ifa_flags))
                        continue;
+               if (!strncmp(ifa->ifa_name, "pflog", 5))
+                       continue;
                for (cp = ifa->ifa_name; !isdigit(*cp); ++cp)
                        continue;
                n = atoi(cp);

skip pflog interfaces in pcap_lookupdev()

Reply via email to