Esempio n. 1
0
/**********************************************************************
*%FUNCTION: openInterface
*%ARGUMENTS:
* ifname -- name of interface
* type -- Ethernet frame type
* hwaddr -- if non-NULL, set to the hardware address
*%RETURNS:
* A raw socket for talking to the Ethernet card.  Exits on error.
*%DESCRIPTION:
* Opens a raw Ethernet socket
***********************************************************************/
int
openInterface(char const *ifname, UINT16_t type, unsigned char *hwaddr)
{
    int fd;
    long buf[MAXDLBUF]; 

	union   DL_primitives   *dlp;

    char base_dev[PATH_MAX]; 
    int ppa; 

    if(strlen(ifname) > PATH_MAX) {
	fatallog("openInterface: interface name too long"); 
    }

    ppa = atoi(&ifname[strlen(ifname)-1]);
    strncpy(base_dev, ifname, PATH_MAX); 
    base_dev[strlen(base_dev)-1] = '\0'; 

/* rearranged order of DLPI code - delphys 20010803 */
    dlp = (union DL_primitives*) buf;

    if (( fd = open(base_dev, O_RDWR)) < 0) {
	/* Give a more helpful message for the common error case */
	if (errno == EPERM) {
	    fatallog("Cannot create raw socket -- pppoe must be run as root.");
	}
	fatallog("open(%s): %m", base_dev);
    }

/* rearranged order of DLPI code - delphys 20010803 */
    dlattachreq(fd, ppa); 
    dlokack(fd, (char *)buf);

    dlbindreq(fd, type, 0, DL_CLDLS, 0, 0);
    dlbindack(fd, (char *)buf);

    dlinforeq(fd);
    dlinfoack(fd, (char *)buf);

    dl_abssaplen = ABS(dlp->info_ack.dl_sap_length);
    dl_saplen = dlp->info_ack.dl_sap_length;
    if (ETHERADDRL != (dlp->info_ack.dl_addr_length - dl_abssaplen))
	fatallog("invalid destination physical address length");
    dl_addrlen = dl_abssaplen + ETHERADDRL;

/* ethernet address retrieved as part of DL_INFO_ACK - delphys 20010803 */
    memcpy(hwaddr, (u_char*)((char*)(dlp) + (int)(dlp->info_ack.dl_addr_offset)), ETHERADDRL);

    if ( strioctl(fd, DLIOCRAW, -1, 0, NULL) < 0 ) { 
	fatallog("DLIOCRAW: %m"); 
    }

    if (ioctl(fd, I_FLUSH, FLUSHR) < 0)
	fatallog("I_FLUSH: %m");

    return fd;
}
Esempio n. 2
0
int
libnet_open_link(libnet_t *l)
{
    register char *cp;
    char *eos;
    register int ppa;
    register dl_info_ack_t *infop;
    bpf_u_int32 buf[MAXDLBUF];
    char dname[100];
#ifndef HAVE_DEV_DLPI
    char dname2[100];
#endif

    if (l == NULL)
    { 
        return (-1);
    } 

    /*
     *  Determine device and ppa
     */
    cp = strpbrk(l->device, "0123456789");
    if (cp == NULL)
    {
        sprintf(l->err_buf, "%s missing unit number", l->device);
        goto bad;
    }
    ppa = strtol(cp, &eos, 10);
    if (*eos != '\0')
    {
        snprintf(l->err_buf, LIBNET_ERRBUF_SIZE,
                "libnet_open_link: %s bad unit number", l->device);
        goto bad;
    }

    if (*(l->device) == '/')
    {
        memset(&dname, 0, sizeof(dname));
        strncpy(dname, l->device, sizeof(dname) - 1);
    }
    else
    {
        sprintf(dname, "%s/%s", DLPI_DEV_PREFIX, l->device);
    }
#ifdef HAVE_DEV_DLPI
    /*
     *  Map network device to /dev/dlpi unit
     */
    cp = "/dev/dlpi";

    l->fd = open(cp, O_RDWR);
    if (l->fd == -1)
    {
        snprintf(l->err_buf, LIBNET_ERRBUF_SIZE,
                "libnet_open_link: %s: %s", cp, 
                strerror(errno));
        goto bad;
    }

    /*
     *  Map network interface to /dev/dlpi unit
     */
    ppa = get_dlpi_ppa(l->fd, dname, ppa, l->err_buf);
    if (ppa < 0)
    {
        goto bad;
    }
#else
    /*
     *  Try device without unit number
     */
    strcpy(dname2, dname);
    cp = strchr(dname, *cp);
    *cp = '\0';

    l->fd = open(dname, O_RDWR);
    if (l->fd == -1)
    {
        if (errno != ENOENT)
        {
            snprintf(l->err_buf, LIBNET_ERRBUF_SIZE,
                    "libnet_open_link: %s: %s", dname, strerror(errno));
            goto bad;
        }

        /*
         *  Try again with unit number
         */
        l->fd = open(dname2, O_RDWR);
        if (l->fd == -1)
        {
            snprintf(l->err_buf, LIBNET_ERRBUF_SIZE,
                    "libnet_open_link: %s: %s", dname2, strerror(errno));
            goto bad;
        }

        cp = dname2;
        while (*cp && !isdigit((int)*cp)) cp++;
        if (*cp) ppa = atoi(cp);
        else
        /*
         *  XXX Assume unit zero
         */
        ppa = 0;
    }
#endif
    /*
     *  Attach if "style 2" provider
     */
    if (dlinforeq(l->fd, l->err_buf) < 0 ||
            dlinfoack(l->fd, (char *)buf, l->err_buf) < 0)
    {
        goto bad;
    }
    infop = &((union DL_primitives *)buf)->info_ack;
    if (infop->dl_provider_style == DL_STYLE2 &&
            (dlattachreq(l->fd, ppa, l->err_buf)
            < 0 || dlokack(l->fd, "attach", (char *)buf, l->err_buf) < 0))
    {
        goto bad;
    }

    /*
     *  Bind HP-UX 9 and HP-UX 10.20
     */
#if defined(HAVE_HPUX9) || defined(HAVE_HPUX10_20) || defined(HAVE_HPUX11) || defined(HAVE_SOLARIS)
    if (dlbindreq(l->fd, 0, l->err_buf) < 0 ||
            dlbindack(l->fd, (char *)buf, l->err_buf) < 0)
    {
        goto bad;
    }
#endif

    /*
     *  Determine link type
     */
    if (dlinforeq(l->fd, l->err_buf) < 0 ||
            dlinfoack(l->fd, (char *)buf, l->err_buf) < 0)
    {
        goto bad;
    }

    infop = &((union DL_primitives *)buf)->info_ack;
    switch (infop->dl_mac_type)
    {
        case DL_CSMACD:
        case DL_ETHER:
            l->link_type    = DLT_EN10MB;
            l->link_offset  = 0xe;
            break;
        case DL_FDDI:
            l->link_type    = DLT_FDDI;
            l->link_offset  = 0x15;
            break;
        default:
            sprintf(l->err_buf, "libnet_open_link: unknown mac type 0x%lu",
                    (unsigned long) infop->dl_mac_type);
            goto bad;
    }

#ifdef	DLIOCRAW
    /*
     *  This is a non standard SunOS hack to get the ethernet header.
     */
    if (strioctl(l->fd, DLIOCRAW, 0, NULL) < 0)
    {
        sprintf(l->err_buf, "libnet_open_link: DLIOCRAW: %s", strerror(errno));
        goto bad;
    }
#endif

    return (1);
bad:
    if (l->fd > 0)
    {
        close(l->fd);      /* this can fail ok */
    }
    return (-1);
}
static int
pcap_activate_dlpi(pcap_t *p)
{
#ifdef DL_HP_RAWDLS
	struct pcap_dlpi *pd = p->priv;
#endif
	int status = 0;
	int retv;
	register char *cp;
	int ppa;
#ifdef HAVE_SOLARIS
	int isatm = 0;
#endif
	register dl_info_ack_t *infop;
#ifdef HAVE_SYS_BUFMOD_H
	bpf_u_int32 ss;
#ifdef HAVE_SOLARIS
	register char *release;
	bpf_u_int32 osmajor, osminor, osmicro;
#endif
#endif
	bpf_u_int32 buf[MAXDLBUF];
	char dname[100];
#ifndef HAVE_DEV_DLPI
	char dname2[100];
#endif

#ifdef HAVE_DEV_DLPI
	/*
	** Remove any "/dev/" on the front of the device.
	*/
	cp = strrchr(p->opt.source, '/');
	if (cp == NULL)
		strlcpy(dname, p->opt.source, sizeof(dname));
	else
		strlcpy(dname, cp + 1, sizeof(dname));

	/*
	 * Split the device name into a device type name and a unit number;
	 * chop off the unit number, so "dname" is just a device type name.
	 */
	cp = split_dname(dname, &ppa, p->errbuf);
	if (cp == NULL) {
		status = PCAP_ERROR_NO_SUCH_DEVICE;
		goto bad;
	}
	*cp = '\0';

	/*
	 * Use "/dev/dlpi" as the device.
	 *
	 * XXX - HP's DLPI Programmer's Guide for HP-UX 11.00 says that
	 * the "dl_mjr_num" field is for the "major number of interface
	 * driver"; that's the major of "/dev/dlpi" on the system on
	 * which I tried this, but there may be DLPI devices that
	 * use a different driver, in which case we may need to
	 * search "/dev" for the appropriate device with that major
	 * device number, rather than hardwiring "/dev/dlpi".
	 */
	cp = "/dev/dlpi";
	if ((p->fd = open(cp, O_RDWR)) < 0) {
		if (errno == EPERM || errno == EACCES)
			status = PCAP_ERROR_PERM_DENIED;
		else
			status = PCAP_ERROR;
		snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
		    "%s: %s", cp, pcap_strerror(errno));
		goto bad;
	}

#ifdef DL_HP_RAWDLS
	/*
	 * XXX - HP-UX 10.20 and 11.xx don't appear to support sending and
	 * receiving packets on the same descriptor - you need separate
	 * descriptors for sending and receiving, bound to different SAPs.
	 *
	 * If the open fails, we just leave -1 in "pd->send_fd" and reject
	 * attempts to send packets, just as if, in pcap-bpf.c, we fail
	 * to open the BPF device for reading and writing, we just try
	 * to open it for reading only and, if that succeeds, just let
	 * the send attempts fail.
	 */
	pd->send_fd = open(cp, O_RDWR);
#endif

	/*
	 * Get a table of all PPAs for that device, and search that
	 * table for the specified device type name and unit number.
	 */
	ppa = get_dlpi_ppa(p->fd, dname, ppa, p->errbuf);
	if (ppa < 0) {
		status = ppa;
		goto bad;
	}
#else
	/*
	 * If the device name begins with "/", assume it begins with
	 * the pathname of the directory containing the device to open;
	 * otherwise, concatenate the device directory name and the
	 * device name.
	 */
	if (*p->opt.source == '/')
		strlcpy(dname, p->opt.source, sizeof(dname));
	else
		snprintf(dname, sizeof(dname), "%s/%s", PCAP_DEV_PREFIX,
		    p->opt.source);

	/*
	 * Get the unit number, and a pointer to the end of the device
	 * type name.
	 */
	cp = split_dname(dname, &ppa, p->errbuf);
	if (cp == NULL) {
		status = PCAP_ERROR_NO_SUCH_DEVICE;
		goto bad;
	}

	/*
	 * Make a copy of the device pathname, and then remove the unit
	 * number from the device pathname.
	 */
	strlcpy(dname2, dname, sizeof(dname));
	*cp = '\0';

	/* Try device without unit number */
	if ((p->fd = open(dname, O_RDWR)) < 0) {
		if (errno != ENOENT) {
			if (errno == EPERM || errno == EACCES)
				status = PCAP_ERROR_PERM_DENIED;
			else
				status = PCAP_ERROR;
			snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "%s: %s", dname,
			    pcap_strerror(errno));
			goto bad;
		}

		/* Try again with unit number */
		if ((p->fd = open(dname2, O_RDWR)) < 0) {
			if (errno == ENOENT) {
				status = PCAP_ERROR_NO_SUCH_DEVICE;

				/*
				 * We provide an error message even
				 * for this error, for diagnostic
				 * purposes (so that, for example,
				 * the app can show the message if the
				 * user requests it).
				 *
				 * In it, we just report "No DLPI device
				 * found" with the device name, so people
				 * don't get confused and think, for example,
				 * that if they can't capture on "lo0"
				 * on Solaris the fix is to change libpcap
				 * (or the application that uses it) to
				 * look for something other than "/dev/lo0",
				 * as the fix is to look for an operating
				 * system other than Solaris - you just
				 * *can't* capture on a loopback interface
				 * on Solaris, the lack of a DLPI device
				 * for the loopback interface is just a
				 * symptom of that inability.
				 */
				snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
				    "%s: No DLPI device found", p->opt.source);
			} else {
				if (errno == EPERM || errno == EACCES)
					status = PCAP_ERROR_PERM_DENIED;
				else
					status = PCAP_ERROR;
				snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "%s: %s",
				    dname2, pcap_strerror(errno));
			}
			goto bad;
		}
		/* XXX Assume unit zero */
		ppa = 0;
	}
#endif

	/*
	** Attach if "style 2" provider
	*/
	if (dlinforeq(p->fd, p->errbuf) < 0 ||
	    dlinfoack(p->fd, (char *)buf, p->errbuf) < 0) {
		status = PCAP_ERROR;
		goto bad;
	}
	infop = &(MAKE_DL_PRIMITIVES(buf))->info_ack;
#ifdef HAVE_SOLARIS
	if (infop->dl_mac_type == DL_IPATM)
		isatm = 1;
#endif
	if (infop->dl_provider_style == DL_STYLE2) {
		retv = dl_doattach(p->fd, ppa, p->errbuf);
		if (retv < 0) {
			status = retv;
			goto bad;
		}
#ifdef DL_HP_RAWDLS
		if (pd->send_fd >= 0) {
			retv = dl_doattach(pd->send_fd, ppa, p->errbuf);
			if (retv < 0) {
				status = retv;
				goto bad;
			}
		}
#endif
	}

	if (p->opt.rfmon) {
		/*
		 * This device exists, but we don't support monitor mode
		 * any platforms that support DLPI.
		 */
		status = PCAP_ERROR_RFMON_NOTSUP;
		goto bad;
	}

#ifdef HAVE_DLPI_PASSIVE
	/*
	 * Enable Passive mode to be able to capture on aggregated link.
	 * Not supported in all Solaris versions.
	 */
	dlpassive(p->fd, p->errbuf);
#endif
	/*
	** Bind (defer if using HP-UX 9 or HP-UX 10.20 or later, totally
	** skip if using SINIX)
	*/
#if !defined(HAVE_HPUX9) && !defined(HAVE_HPUX10_20_OR_LATER) && !defined(sinix)
#ifdef _AIX
	/*
	** AIX.
	** According to IBM's AIX Support Line, the dl_sap value
	** should not be less than 0x600 (1536) for standard Ethernet.
	** However, we seem to get DL_BADADDR - "DLSAP addr in improper
	** format or invalid" - errors if we use 1537 on the "tr0"
	** device, which, given that its name starts with "tr" and that
	** it's IBM, probably means a Token Ring device.  (Perhaps we
	** need to use 1537 on "/dev/dlpi/en" because that device is for
	** D/I/X Ethernet, the "SAP" is actually an Ethernet type, and
	** it rejects invalid Ethernet types.)
	**
	** So if 1537 fails, we try 2, as Hyung Sik Yoon of IBM Korea
	** says that works on Token Ring (he says that 0 does *not*
	** work; perhaps that's considered an invalid LLC SAP value - I
	** assume the SAP value in a DLPI bind is an LLC SAP for network
	** types that use 802.2 LLC).
	*/
	if ((dlbindreq(p->fd, 1537, p->errbuf) < 0 &&
	     dlbindreq(p->fd, 2, p->errbuf) < 0) ||
	     dlbindack(p->fd, (char *)buf, p->errbuf, NULL) < 0) {
		status = PCAP_ERROR;
		goto bad;
	}
#elif defined(DL_HP_RAWDLS)
	/*
	** HP-UX 10.0x and 10.1x.
	*/
	if (dl_dohpuxbind(p->fd, p->errbuf) < 0) {
		status = PCAP_ERROR;
		goto bad;
	}
	if (pd->send_fd >= 0) {
		/*
		** XXX - if this fails, just close send_fd and
		** set it to -1, so that you can't send but can
		** still receive?
		*/
		if (dl_dohpuxbind(pd->send_fd, p->errbuf) < 0) {
			status = PCAP_ERROR;
			goto bad;
		}
	}
#else /* neither AIX nor HP-UX */
	/*
	** Not Sinix, and neither AIX nor HP-UX - Solaris, and any other
	** OS using DLPI.
	**/
	if (dlbindreq(p->fd, 0, p->errbuf) < 0 ||
	    dlbindack(p->fd, (char *)buf, p->errbuf, NULL) < 0) {
	    	status = PCAP_ERROR;
		goto bad;
	}
#endif /* AIX vs. HP-UX vs. other */
#endif /* !HP-UX 9 and !HP-UX 10.20 or later and !SINIX */

#ifdef HAVE_SOLARIS
	if (isatm) {
		/*
		** Have to turn on some special ATM promiscuous mode
		** for SunATM.
		** Do *NOT* turn regular promiscuous mode on; it doesn't
		** help, and may break things.
		*/
		if (strioctl(p->fd, A_PROMISCON_REQ, 0, NULL) < 0) {
			status = PCAP_ERROR;
			snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
			    "A_PROMISCON_REQ: %s", pcap_strerror(errno));
			goto bad;
		}
	} else
#endif
	if (p->opt.promisc) {
		/*
		** Enable promiscuous (not necessary on send FD)
		*/
		retv = dlpromiscon(p, DL_PROMISC_PHYS);
		if (retv < 0) {
			if (retv == PCAP_ERROR_PERM_DENIED)
				status = PCAP_ERROR_PROMISC_PERM_DENIED;
			else
				status = retv;
			goto bad;
		}

		/*
		** Try to enable multicast (you would have thought
		** promiscuous would be sufficient). (Skip if using
		** HP-UX or SINIX) (Not necessary on send FD)
		*/
#if !defined(__hpux) && !defined(sinix)
		retv = dlpromiscon(p, DL_PROMISC_MULTI);
		if (retv < 0)
			status = PCAP_WARNING;
#endif
	}
	/*
	** Try to enable SAP promiscuity (when not in promiscuous mode
	** when using HP-UX, when not doing SunATM on Solaris, and never
	** under SINIX) (Not necessary on send FD)
	*/
#ifndef sinix
#if defined(__hpux)
	/* HP-UX - only do this when not in promiscuous mode */
	if (!p->opt.promisc) {
#elif defined(HAVE_SOLARIS)
	/* Solaris - don't do this on SunATM devices */
	if (!isatm) {
#else
	/* Everything else (except for SINIX) - always do this */
	{
#endif
		retv = dlpromiscon(p, DL_PROMISC_SAP);
		if (retv < 0) {
			if (p->opt.promisc) {
				/*
				 * Not fatal, since the DL_PROMISC_PHYS mode
				 * worked.
				 *
				 * Report it as a warning, however.
				 */
				status = PCAP_WARNING;
			} else {
				/*
				 * Fatal.
				 */
				status = retv;
				goto bad;
			}
		}
	}
#endif /* sinix */

	/*
	** HP-UX 9, and HP-UX 10.20 or later, must bind after setting
	** promiscuous options.
	*/
#if defined(HAVE_HPUX9) || defined(HAVE_HPUX10_20_OR_LATER)
	if (dl_dohpuxbind(p->fd, p->errbuf) < 0) {
		status = PCAP_ERROR;
		goto bad;
	}
	/*
	** We don't set promiscuous mode on the send FD, but we'll defer
	** binding it anyway, just to keep the HP-UX 9/10.20 or later
	** code together.
	*/
	if (pd->send_fd >= 0) {
		/*
		** XXX - if this fails, just close send_fd and
		** set it to -1, so that you can't send but can
		** still receive?
		*/
		if (dl_dohpuxbind(pd->send_fd, p->errbuf) < 0) {
			status = PCAP_ERROR;
			goto bad;
		}
	}
#endif

	/*
	** Determine link type
	** XXX - get SAP length and address length as well, for use
	** when sending packets.
	*/
	if (dlinforeq(p->fd, p->errbuf) < 0 ||
	    dlinfoack(p->fd, (char *)buf, p->errbuf) < 0) {
	    	status = PCAP_ERROR;
		goto bad;
	}

	infop = &(MAKE_DL_PRIMITIVES(buf))->info_ack;
	if (pcap_process_mactype(p, infop->dl_mac_type) != 0) {
		status = PCAP_ERROR;
		goto bad;
	}

#ifdef	DLIOCRAW
	/*
	** This is a non standard SunOS hack to get the full raw link-layer
	** header.
	*/
	if (strioctl(p->fd, DLIOCRAW, 0, NULL) < 0) {
		status = PCAP_ERROR;
		snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "DLIOCRAW: %s",
		    pcap_strerror(errno));
		goto bad;
	}
#endif

#ifdef HAVE_SYS_BUFMOD_H
	ss = p->snapshot;

	/*
	** There is a bug in bufmod(7). When dealing with messages of
	** less than snaplen size it strips data from the beginning not
	** the end.
	**
	** This bug is fixed in 5.3.2. Also, there is a patch available.
	** Ask for bugid 1149065.
	*/
#ifdef HAVE_SOLARIS
	release = get_release(&osmajor, &osminor, &osmicro);
	if (osmajor == 5 && (osminor <= 2 || (osminor == 3 && osmicro < 2)) &&
	    getenv("BUFMOD_FIXED") == NULL) {
		snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
		"WARNING: bufmod is broken in SunOS %s; ignoring snaplen.",
		    release);
		ss = 0;
		status = PCAP_WARNING;
	}
#endif

	/* Push and configure bufmod. */
	if (pcap_conf_bufmod(p, ss) != 0) {
		status = PCAP_ERROR;
		goto bad;
	}
#endif

	/*
	** As the last operation flush the read side.
	*/
	if (ioctl(p->fd, I_FLUSH, FLUSHR) != 0) {
		status = PCAP_ERROR;
		snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "FLUSHR: %s",
		    pcap_strerror(errno));
		goto bad;
	}

	/* Allocate data buffer. */
	if (pcap_alloc_databuf(p) != 0) {
		status = PCAP_ERROR;
		goto bad;
	}

	/*
	 * Success.
	 *
	 * "p->fd" is an FD for a STREAMS device, so "select()" and
	 * "poll()" should work on it.
	 */
	p->selectable_fd = p->fd;

	p->read_op = pcap_read_dlpi;
	p->inject_op = pcap_inject_dlpi;
	p->setfilter_op = install_bpf_program;	/* no kernel filtering */
	p->setdirection_op = NULL;	/* Not implemented.*/
	p->set_datalink_op = NULL;	/* can't change data link type */
	p->getnonblock_op = pcap_getnonblock_fd;
	p->setnonblock_op = pcap_setnonblock_fd;
	p->stats_op = pcap_stats_dlpi;
	p->cleanup_op = pcap_cleanup_dlpi;

	return (status);
bad:
	pcap_cleanup_dlpi(p);
	return (status);
}

/*
 * Split a device name into a device type name and a unit number;
 * return the a pointer to the beginning of the unit number, which
 * is the end of the device type name, and set "*unitp" to the unit
 * number.
 *
 * Returns NULL on error, and fills "ebuf" with an error message.
 */
static char *
split_dname(char *device, int *unitp, char *ebuf)
{
	char *cp;
	char *eos;
	long unit;

	/*
	 * Look for a number at the end of the device name string.
	 */
	cp = device + strlen(device) - 1;
	if (*cp < '0' || *cp > '9') {
		snprintf(ebuf, PCAP_ERRBUF_SIZE, "%s missing unit number",
		    device);
		return (NULL);
	}

	/* Digits at end of string are unit number */
	while (cp-1 >= device && *(cp-1) >= '0' && *(cp-1) <= '9')
		cp--;

	errno = 0;
	unit = strtol(cp, &eos, 10);
	if (*eos != '\0') {
		snprintf(ebuf, PCAP_ERRBUF_SIZE, "%s bad unit number", device);
		return (NULL);
	}
	if (errno == ERANGE || unit > INT_MAX) {
		snprintf(ebuf, PCAP_ERRBUF_SIZE, "%s unit number too large",
		    device);
		return (NULL);
	}
	if (unit < 0) {
		snprintf(ebuf, PCAP_ERRBUF_SIZE, "%s unit number is negative",
		    device);
		return (NULL);
	}
	*unitp = (int)unit;
	return (cp);
}

static int
dl_doattach(int fd, int ppa, char *ebuf)
{
	dl_attach_req_t	req;
	bpf_u_int32 buf[MAXDLBUF];
	int err;

	req.dl_primitive = DL_ATTACH_REQ;
	req.dl_ppa = ppa;
	if (send_request(fd, (char *)&req, sizeof(req), "attach", ebuf) < 0)
		return (PCAP_ERROR);

	err = dlokack(fd, "attach", (char *)buf, ebuf);
	if (err < 0)
		return (err);
	return (0);
}
Esempio n. 4
0
pcap_t *
pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
    char *ebuf)
{
	register char *cp;
	register pcap_t *p;
	int ppa;
#ifdef HAVE_SOLARIS
	int isatm = 0;
#endif
	register dl_info_ack_t *infop;
#ifdef HAVE_SYS_BUFMOD_H
	bpf_u_int32 ss, chunksize;
#ifdef HAVE_SOLARIS
	register char *release;
	bpf_u_int32 osmajor, osminor, osmicro;
#endif
#endif
	bpf_u_int32 buf[MAXDLBUF];
	char dname[100];
#ifndef HAVE_DEV_DLPI
	char dname2[100];
#endif

	p = (pcap_t *)malloc(sizeof(*p));
	if (p == NULL) {
		strlcpy(ebuf, pcap_strerror(errno), PCAP_ERRBUF_SIZE);
		return (NULL);
	}
	memset(p, 0, sizeof(*p));
	p->fd = -1;	/* indicate that it hasn't been opened yet */
	p->send_fd = -1;

#ifdef HAVE_DEV_DLPI
	/*
	** Remove any "/dev/" on the front of the device.
	*/
	cp = strrchr(device, '/');
	if (cp == NULL)
		strlcpy(dname, device, sizeof(dname));
	else
		strlcpy(dname, cp + 1, sizeof(dname));

	/*
	 * Split the device name into a device type name and a unit number;
	 * chop off the unit number, so "dname" is just a device type name.
	 */
	cp = split_dname(dname, &ppa, ebuf);
	if (cp == NULL)
		goto bad;
	*cp = '\0';

	/*
	 * Use "/dev/dlpi" as the device.
	 *
	 * XXX - HP's DLPI Programmer's Guide for HP-UX 11.00 says that
	 * the "dl_mjr_num" field is for the "major number of interface
	 * driver"; that's the major of "/dev/dlpi" on the system on
	 * which I tried this, but there may be DLPI devices that
	 * use a different driver, in which case we may need to
	 * search "/dev" for the appropriate device with that major
	 * device number, rather than hardwiring "/dev/dlpi".
	 */
	cp = "/dev/dlpi";
	if ((p->fd = open(cp, O_RDWR)) < 0) {
		snprintf(ebuf, PCAP_ERRBUF_SIZE,
		    "%s: %s", cp, pcap_strerror(errno));
		goto bad;
	}

#ifdef DL_HP_RAWDLS
	/*
	 * XXX - HP-UX 10.20 and 11.xx don't appear to support sending and
	 * receiving packets on the same descriptor - you need separate
	 * descriptors for sending and receiving, bound to different SAPs.
	 *
	 * If the open fails, we just leave -1 in "p->send_fd" and reject
	 * attempts to send packets, just as if, in pcap-bpf.c, we fail
	 * to open the BPF device for reading and writing, we just try
	 * to open it for reading only and, if that succeeds, just let
	 * the send attempts fail.
	 */
	p->send_fd = open(cp, O_RDWR);
#endif

	/*
	 * Get a table of all PPAs for that device, and search that
	 * table for the specified device type name and unit number.
	 */
	ppa = get_dlpi_ppa(p->fd, dname, ppa, ebuf);
	if (ppa < 0)
		goto bad;
#else
	/*
	 * If the device name begins with "/", assume it begins with
	 * the pathname of the directory containing the device to open;
	 * otherwise, concatenate the device directory name and the
	 * device name.
	 */
	if (*device == '/')
		strlcpy(dname, device, sizeof(dname));
	else
		snprintf(dname, sizeof(dname), "%s/%s", PCAP_DEV_PREFIX,
		    device);

	/*
	 * Get the unit number, and a pointer to the end of the device
	 * type name.
	 */
	cp = split_dname(dname, &ppa, ebuf);
	if (cp == NULL)
		goto bad;

	/*
	 * Make a copy of the device pathname, and then remove the unit
	 * number from the device pathname.
	 */
	strlcpy(dname2, dname, sizeof(dname));
	*cp = '\0';

	/* Try device without unit number */
	if ((p->fd = open(dname, O_RDWR)) < 0) {
		if (errno != ENOENT) {
			snprintf(ebuf, PCAP_ERRBUF_SIZE, "%s: %s", dname,
			    pcap_strerror(errno));
			goto bad;
		}

		/* Try again with unit number */
		if ((p->fd = open(dname2, O_RDWR)) < 0) {
			if (errno == ENOENT) {
				/*
				 * We just report "No DLPI device found"
				 * with the device name, so people don't
				 * get confused and think, for example,
				 * that if they can't capture on "lo0"
				 * on Solaris the fix is to change libpcap
				 * (or the application that uses it) to
				 * look for something other than "/dev/lo0",
				 * as the fix is to look for an operating
				 * system other than Solaris - you just
				 * *can't* capture on a loopback interface
				 * on Solaris, the lack of a DLPI device
				 * for the loopback interface is just a
				 * symptom of that inability.
				 */
				snprintf(ebuf, PCAP_ERRBUF_SIZE,
				    "%s: No DLPI device found", device);
			} else {
				snprintf(ebuf, PCAP_ERRBUF_SIZE, "%s: %s",
				    dname2, pcap_strerror(errno));
			}
			goto bad;
		}
		/* XXX Assume unit zero */
		ppa = 0;
	}
#endif

	p->snapshot = snaplen;

	/*
	** Attach if "style 2" provider
	*/
	if (dlinforeq(p->fd, ebuf) < 0 ||
	    dlinfoack(p->fd, (char *)buf, ebuf) < 0)
		goto bad;
	infop = &((union DL_primitives *)buf)->info_ack;
#ifdef HAVE_SOLARIS
	if (infop->dl_mac_type == DL_IPATM)
		isatm = 1;
#endif
	if (infop->dl_provider_style == DL_STYLE2) {
		if (dl_doattach(p->fd, ppa, ebuf) < 0)
			goto bad;
#ifdef DL_HP_RAWDLS
		if (p->send_fd >= 0) {
			if (dl_doattach(p->send_fd, ppa, ebuf) < 0)
				goto bad;
		}
#endif
	}

	/*
	** Bind (defer if using HP-UX 9 or HP-UX 10.20 or later, totally
	** skip if using SINIX)
	*/
#if !defined(HAVE_HPUX9) && !defined(HAVE_HPUX10_20_OR_LATER) && !defined(sinix)
#ifdef _AIX
	/*
	** AIX.
	** According to IBM's AIX Support Line, the dl_sap value
	** should not be less than 0x600 (1536) for standard Ethernet.
	** However, we seem to get DL_BADADDR - "DLSAP addr in improper
	** format or invalid" - errors if we use 1537 on the "tr0"
	** device, which, given that its name starts with "tr" and that
	** it's IBM, probably means a Token Ring device.  (Perhaps we
	** need to use 1537 on "/dev/dlpi/en" because that device is for
	** D/I/X Ethernet, the "SAP" is actually an Ethernet type, and
	** it rejects invalid Ethernet types.)
	**
	** So if 1537 fails, we try 2, as Hyung Sik Yoon of IBM Korea
	** says that works on Token Ring (he says that 0 does *not*
	** work; perhaps that's considered an invalid LLC SAP value - I
	** assume the SAP value in a DLPI bind is an LLC SAP for network
	** types that use 802.2 LLC).
	*/
	if ((dlbindreq(p->fd, 1537, ebuf) < 0 &&
	     dlbindreq(p->fd, 2, ebuf) < 0) ||
	     dlbindack(p->fd, (char *)buf, ebuf, NULL) < 0)
		goto bad;
#elif defined(DL_HP_RAWDLS)
	/*
	** HP-UX 10.0x and 10.1x.
	*/
	if (dl_dohpuxbind(p->fd, ebuf) < 0)
		goto bad;
	if (p->send_fd >= 0) {
		/*
		** XXX - if this fails, just close send_fd and
		** set it to -1, so that you can't send but can
		** still receive?
		*/
		if (dl_dohpuxbind(p->send_fd, ebuf) < 0)
			goto bad;
	}
#else /* neither AIX nor HP-UX */
	/*
	** Not Sinix, and neither AIX nor HP-UX - Solaris, and any other
	** OS using DLPI.
	**/
	if (dlbindreq(p->fd, 0, ebuf) < 0 ||
	    dlbindack(p->fd, (char *)buf, ebuf, NULL) < 0)
		goto bad;
#endif /* AIX vs. HP-UX vs. other */
#endif /* !HP-UX 9 and !HP-UX 10.20 or later and !SINIX */

#ifdef HAVE_SOLARIS
	if (isatm) {
		/*
		** Have to turn on some special ATM promiscuous mode
		** for SunATM.
		** Do *NOT* turn regular promiscuous mode on; it doesn't
		** help, and may break things.
		*/
		if (strioctl(p->fd, A_PROMISCON_REQ, 0, NULL) < 0) {
			snprintf(ebuf, PCAP_ERRBUF_SIZE, "A_PROMISCON_REQ: %s",
			    pcap_strerror(errno));
			goto bad;
		}
	} else
#endif
	if (promisc) {
		/*
		** Enable promiscuous (not necessary on send FD)
		*/
		if (dlpromisconreq(p->fd, DL_PROMISC_PHYS, ebuf) < 0 ||
		    dlokack(p->fd, "promisc_phys", (char *)buf, ebuf) < 0)
			goto bad;

		/*
		** Try to enable multicast (you would have thought
		** promiscuous would be sufficient). (Skip if using
		** HP-UX or SINIX) (Not necessary on send FD)
		*/
#if !defined(__hpux) && !defined(sinix)
		if (dlpromisconreq(p->fd, DL_PROMISC_MULTI, ebuf) < 0 ||
		    dlokack(p->fd, "promisc_multi", (char *)buf, ebuf) < 0)
			fprintf(stderr,
			    "WARNING: DL_PROMISC_MULTI failed (%s)\n", ebuf);
#endif
	}
	/*
	** Try to enable SAP promiscuity (when not in promiscuous mode
	** when using HP-UX, when not doing SunATM on Solaris, and never
	** under SINIX) (Not necessary on send FD)
	*/
#ifndef sinix
	if (
#ifdef __hpux
	    !promisc &&
#endif
#ifdef HAVE_SOLARIS
	    !isatm &&
#endif
	    (dlpromisconreq(p->fd, DL_PROMISC_SAP, ebuf) < 0 ||
	    dlokack(p->fd, "promisc_sap", (char *)buf, ebuf) < 0)) {
		/* Not fatal if promisc since the DL_PROMISC_PHYS worked */
		if (promisc)
			fprintf(stderr,
			    "WARNING: DL_PROMISC_SAP failed (%s)\n", ebuf);
		else
			goto bad;
	}
#endif /* sinix */

	/*
	** HP-UX 9, and HP-UX 10.20 or later, must bind after setting
	** promiscuous options.
	*/
#if defined(HAVE_HPUX9) || defined(HAVE_HPUX10_20_OR_LATER)
	if (dl_dohpuxbind(p->fd, ebuf) < 0)
		goto bad;
	/*
	** We don't set promiscuous mode on the send FD, but we'll defer
	** binding it anyway, just to keep the HP-UX 9/10.20 or later
	** code together.
	*/
	if (p->send_fd >= 0) {
		/*
		** XXX - if this fails, just close send_fd and
		** set it to -1, so that you can't send but can
		** still receive?
		*/
		if (dl_dohpuxbind(p->send_fd, ebuf) < 0)
			goto bad;
	}
#endif

	/*
	** Determine link type
	** XXX - get SAP length and address length as well, for use
	** when sending packets.
	*/
	if (dlinforeq(p->fd, ebuf) < 0 ||
	    dlinfoack(p->fd, (char *)buf, ebuf) < 0)
		goto bad;

	infop = &((union DL_primitives *)buf)->info_ack;
	switch (infop->dl_mac_type) {

	case DL_CSMACD:
	case DL_ETHER:
		p->linktype = DLT_EN10MB;
		p->offset = 2;
		/*
		 * This is (presumably) a real Ethernet capture; give it a
		 * link-layer-type list with DLT_EN10MB and DLT_DOCSIS, so
		 * that an application can let you choose it, in case you're
		 * capturing DOCSIS traffic that a Cisco Cable Modem
		 * Termination System is putting out onto an Ethernet (it
		 * doesn't put an Ethernet header onto the wire, it puts raw
		 * DOCSIS frames out on the wire inside the low-level
		 * Ethernet framing).
		 */
		p->dlt_list = (u_int *) malloc(sizeof(u_int) * 2);
		/*
		 * If that fails, just leave the list empty.
		 */
		if (p->dlt_list != NULL) {
			p->dlt_list[0] = DLT_EN10MB;
			p->dlt_list[1] = DLT_DOCSIS;
			p->dlt_count = 2;
		}
		break;

	case DL_FDDI:
		p->linktype = DLT_FDDI;
		p->offset = 3;
		break;

	case DL_TPR:
		/*
		 * XXX - what about DL_TPB?  Is that Token Bus?
		 */	
		p->linktype = DLT_IEEE802;
		p->offset = 2;
		break;

#ifdef HAVE_SOLARIS
	case DL_IPATM:
		p->linktype = DLT_SUNATM;
		p->offset = 0;	/* works for LANE and LLC encapsulation */
		break;
#endif

	default:
		snprintf(ebuf, PCAP_ERRBUF_SIZE, "unknown mac type %lu",
		    (unsigned long)infop->dl_mac_type);
		goto bad;
	}

#ifdef	DLIOCRAW
	/*
	** This is a non standard SunOS hack to get the full raw link-layer
	** header.
	*/
	if (strioctl(p->fd, DLIOCRAW, 0, NULL) < 0) {
		snprintf(ebuf, PCAP_ERRBUF_SIZE, "DLIOCRAW: %s",
		    pcap_strerror(errno));
		goto bad;
	}
#endif

#ifdef HAVE_SYS_BUFMOD_H
	/*
	** Another non standard call to get the data nicely buffered
	*/
	if (ioctl(p->fd, I_PUSH, "bufmod") != 0) {
		snprintf(ebuf, PCAP_ERRBUF_SIZE, "I_PUSH bufmod: %s",
		    pcap_strerror(errno));
		goto bad;
	}

	/*
	** Now that the bufmod is pushed lets configure it.
	**
	** There is a bug in bufmod(7). When dealing with messages of
	** less than snaplen size it strips data from the beginning not
	** the end.
	**
	** This bug is supposed to be fixed in 5.3.2. Also, there is a
	** patch available. Ask for bugid 1149065.
	*/
	ss = snaplen;
#ifdef HAVE_SOLARIS
	release = get_release(&osmajor, &osminor, &osmicro);
	if (osmajor == 5 && (osminor <= 2 || (osminor == 3 && osmicro < 2)) &&
	    getenv("BUFMOD_FIXED") == NULL) {
		fprintf(stderr,
		"WARNING: bufmod is broken in SunOS %s; ignoring snaplen.\n",
		    release);
		ss = 0;
	}
#endif
	if (ss > 0 &&
	    strioctl(p->fd, SBIOCSSNAP, sizeof(ss), (char *)&ss) != 0) {
		snprintf(ebuf, PCAP_ERRBUF_SIZE, "SBIOCSSNAP: %s",
		    pcap_strerror(errno));
		goto bad;
	}

	/*
	** Set up the bufmod timeout
	*/
	if (to_ms != 0) {
		struct timeval to;

		to.tv_sec = to_ms / 1000;
		to.tv_usec = (to_ms * 1000) % 1000000;
		if (strioctl(p->fd, SBIOCSTIME, sizeof(to), (char *)&to) != 0) {
			snprintf(ebuf, PCAP_ERRBUF_SIZE, "SBIOCSTIME: %s",
			    pcap_strerror(errno));
			goto bad;
		}
	}

	/*
	** Set the chunk length.
	*/
	chunksize = CHUNKSIZE;
	if (strioctl(p->fd, SBIOCSCHUNK, sizeof(chunksize), (char *)&chunksize)
	    != 0) {
		snprintf(ebuf, PCAP_ERRBUF_SIZE, "SBIOCSCHUNKP: %s",
		    pcap_strerror(errno));
		goto bad;
	}
#endif

	/*
	** As the last operation flush the read side.
	*/
	if (ioctl(p->fd, I_FLUSH, FLUSHR) != 0) {
		snprintf(ebuf, PCAP_ERRBUF_SIZE, "FLUSHR: %s",
		    pcap_strerror(errno));
		goto bad;
	}

	/* Allocate data buffer */
	p->bufsize = PKTBUFSIZE;
	p->buffer = (u_char *)malloc(p->bufsize + p->offset);
	if (p->buffer == NULL) {
		strlcpy(ebuf, pcap_strerror(errno), PCAP_ERRBUF_SIZE);
		goto bad;
	}

	/*
	 * "p->fd" is an FD for a STREAMS device, so "select()" and
	 * "poll()" should work on it.
	 */
	p->selectable_fd = p->fd;

	p->read_op = pcap_read_dlpi;
	p->inject_op = pcap_inject_dlpi;
	p->setfilter_op = install_bpf_program;	/* no kernel filtering */
	p->setdirection_op = NULL;	/* Not implemented.*/
	p->set_datalink_op = NULL;	/* can't change data link type */
	p->getnonblock_op = pcap_getnonblock_fd;
	p->setnonblock_op = pcap_setnonblock_fd;
	p->stats_op = pcap_stats_dlpi;
	p->close_op = pcap_close_dlpi;

	return (p);
bad:
	if (p->fd >= 0)
		close(p->fd);
	if (p->send_fd >= 0)
		close(p->send_fd);
	/*
	 * Get rid of any link-layer type list we allocated.
	 */
	if (p->dlt_list != NULL)
		free(p->dlt_list);
	free(p);
	return (NULL);
}
Esempio n. 5
0
/*
 * Open up the device, and start finding out something about it,
 * especially stuff about the data link headers.  We need that information
 * to build the proper packet filters.
 */
boolean_t
check_device(char **devicep, int *ppap)
{
	char *devname;
	/*
	 * Determine which network device
	 * to use if none given.
	 * Should get back a value like "le0".
	 */

	if (*devicep == NULL) {
		char *cbuf;
		static struct ifconf ifc;
		static struct ifreq *ifr;
		int s;
		int n;
		int numifs;
		unsigned bufsize;

		if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0)
		    pr_err("socket");

		if (ioctl(s, SIOCGIFNUM, (char *)&numifs) < 0) {
			pr_err("check_device: ioctl SIOCGIFNUM");
			(void) close(s);
			s = -1;
			return (B_FALSE);
		}

		bufsize = numifs * sizeof (struct ifreq);
		cbuf = (char *)malloc(bufsize);
		if (cbuf == NULL) {
			pr_err("out of memory\n");
			(void) close(s);
			s = -1;
			return (B_FALSE);
		}
		ifc.ifc_len = bufsize;
		ifc.ifc_buf = cbuf;
		if (ioctl(s, SIOCGIFCONF, (char *)&ifc) < 0) {
			pr_err("check_device: ioctl SIOCGIFCONF");
			(void) close(s);
			s = -1;
			(void) free(cbuf);
			return (B_FALSE);
		}
		n = ifc.ifc_len / sizeof (struct ifreq);
		ifr = ifc.ifc_req;
		for (; n > 0; n--, ifr++) {
			if (strchr(ifr->ifr_name, ':') != NULL)
				continue;
			if (ioctl(s, SIOCGIFFLAGS, (char *)ifr) < 0)
				pr_err("ioctl SIOCGIFFLAGS");
			if ((ifr->ifr_flags &
				(IFF_VIRTUAL|IFF_LOOPBACK|IFF_UP|
				IFF_RUNNING)) == (IFF_UP|IFF_RUNNING))
				break;
		}

		if (n == 0)
			pr_err("No network interface devices found");

		*devicep = ifr->ifr_name;
		(void) close(s);
	}

	devname = device_path(*devicep);
	if ((netfd = open(devname, O_RDWR)) < 0)
		pr_err("%s: %m", devname);

	*ppap = device_ppa(*devicep);

	/*
	 * Check for DLPI Version 2.
	 */
	dlinforeq(netfd, &netdl);
	if (netdl.info_ack.dl_version != DL_VERSION_2)
		pr_err("DL_INFO_ACK:  incompatible version %d",
		netdl.info_ack.dl_version);

	/*
	 * Attach for DLPI Style 2.
	 */
	if (netdl.info_ack.dl_provider_style == DL_STYLE2) {
		dlattachreq(netfd, *ppap);
		/* Reread more specific information */
		dlinforeq(netfd, &netdl);
	}

	/* Enable passive mode so that we can snoop on aggregated links. */
	dlpi_passive(netfd, -1);

	for (interface = &INTERFACES[0]; interface->mac_type != -1; interface++)
		if (interface->mac_type == netdl.info_ack.dl_mac_type)
			break;

	/* allow limited functionality even is interface isn't known */
	if (interface->mac_type == -1) {
		fprintf(stderr,
		    "snoop: WARNING: Mac Type = %lx not supported\n",
		    netdl.info_ack.dl_mac_type);
	}

	/* for backward compatibility, allow known interface mtu_sizes */
	if (interface->mtu_size > (uint_t)netdl.info_ack.dl_max_sdu)
		netdl.info_ack.dl_max_sdu = (t_scalar_t)interface->mtu_size;

	if (interface->mac_hdr_fixed_size == IF_HDR_FIXED)
		return (B_TRUE);

	return (B_FALSE);
}
Esempio n. 6
0
int
openInterface(char const *ifname, UINT16_t type, unsigned char *hwaddr)
{
    int fd;
    long buf[MAXDLBUF];

	union   DL_primitives   *dlp;

    char base_dev[PATH_MAX];
    int ppa;

    if(strlen(ifname) > PATH_MAX) {
	rp_fatal("socket: Interface name too long");
    }

    if (strlen(ifname) < 2) {
	rp_fatal("socket: Interface name too short");
    }

    ppa = atoi(&ifname[strlen(ifname)-1]);
    strncpy(base_dev, ifname, PATH_MAX);
    base_dev[strlen(base_dev)-1] = '\0';

    dlp = (union DL_primitives*) buf;

    if ( (fd = open(base_dev, O_RDWR)) < 0) {
	
	if (errno == EPERM) {
	    rp_fatal("Cannot create raw socket -- pppoe must be run as root.");
	}
	
	if (errno == ENOENT) {
	    char ifname[512];
	    snprintf(ifname, sizeof(ifname), "/dev/%s", base_dev);
	    if ((fd = open(ifname, O_RDWR)) < 0) {
		if (errno == EPERM) {
		    rp_fatal("Cannot create raw socket -- pppoe must be run as root.");
		}
	    }
	}
    }
    if (fd < 0) {
	fatalSys("socket");
    }

    dlattachreq(fd, ppa);
    dlokack(fd, (char *)buf);

    dlbindreq(fd, type, 0, DL_CLDLS, 0, 0);
    dlbindack(fd, (char *)buf);

    dlinforeq(fd);
    dlinfoack(fd, (char *)buf);

    dl_abssaplen = ABS(dlp->info_ack.dl_sap_length);
    dl_saplen = dlp->info_ack.dl_sap_length;
    if (ETHERADDRL != (dlp->info_ack.dl_addr_length - dl_abssaplen))
	fatalSys("invalid destination physical address length");
    dl_addrlen = dl_abssaplen + ETHERADDRL;

    memcpy(hwaddr, (u_char*)((char*)(dlp) + (int)(dlp->info_ack.dl_addr_offset)), ETHERADDRL);

    if ( strioctl(fd, DLIOCRAW, -1, 0, NULL) < 0 ) {
	fatalSys("DLIOCRAW");
    }

    if (ioctl(fd, I_FLUSH, FLUSHR) < 0) fatalSys("I_FLUSH");

    return fd;
}
Esempio n. 7
0
pcap_t *
pcap_open_live(char *device, int snaplen, int promisc, int to_ms, char *ebuf)
{
    register char *cp;
    char *eos;
    register pcap_t *p;
    register int ppa;
    register dl_info_ack_t *infop;
#ifdef HAVE_SYS_BUFMOD_H
    bpf_u_int32 ss, flag;
#ifdef HAVE_SOLARIS
    register char *release;
    bpf_u_int32 osmajor, osminor, osmicro;
#endif
#endif
    bpf_u_int32 buf[MAXDLBUF];
    char dname[100];
#ifndef HAVE_DEV_DLPI
    char dname2[100];
#endif

    p = (pcap_t *)malloc(sizeof(*p));
    if (p == NULL) {
        strcpy(ebuf, pcap_strerror(errno));
        return (NULL);
    }
    memset(p, 0, sizeof(*p));

    /*
    ** Determine device and ppa
    */
    cp = strpbrk(device, "0123456789");
    if (cp == NULL) {
        sprintf(ebuf, "%s missing unit number", device);
        goto bad;
    }
    ppa = strtol(cp, &eos, 10);
    if (*eos != '\0') {
        sprintf(ebuf, "%s bad unit number", device);
        goto bad;
    }

    if (*device == '/')
        strcpy(dname, device);
    else
        sprintf(dname, "%s/%s", PCAP_DEV_PREFIX, device);
#ifdef HAVE_DEV_DLPI
    /* Map network device to /dev/dlpi unit */
    cp = "/dev/dlpi";
    if ((p->fd = open(cp, O_RDWR)) < 0) {
        sprintf(ebuf, "%s: %s", cp, pcap_strerror(errno));
        goto bad;
    }
    /* Map network interface to /dev/dlpi unit */
    ppa = get_dlpi_ppa(p->fd, dname, ppa, ebuf);
    if (ppa < 0)
        goto bad;
#else
    /* Try device without unit number */
    strcpy(dname2, dname);
    cp = strchr(dname, *cp);
    *cp = '\0';
    if ((p->fd = open(dname, O_RDWR)) < 0) {
        if (errno != ENOENT) {
            sprintf(ebuf, "%s: %s", dname, pcap_strerror(errno));
            goto bad;
        }

        /* Try again with unit number */
        if ((p->fd = open(dname2, O_RDWR)) < 0) {
            sprintf(ebuf, "%s: %s", dname2, pcap_strerror(errno));
            goto bad;
        }
        /* XXX Assume unit zero */
        ppa = 0;
    }
#endif

    p->snapshot = snaplen;

    /*
    ** Attach if "style 2" provider
    */
    if (dlinforeq(p->fd, ebuf) < 0 ||
            dlinfoack(p->fd, (char *)buf, ebuf) < 0)
        goto bad;
    infop = &((union DL_primitives *)buf)->info_ack;
    if (infop->dl_provider_style == DL_STYLE2 &&
            (dlattachreq(p->fd, ppa, ebuf) < 0 ||
             dlokack(p->fd, "attach", (char *)buf, ebuf) < 0))
        goto bad;
    /*
    ** Bind (defer if using HP-UX 9 or HP-UX 10.20, totally skip if
    ** using SINIX)
    */
#if !defined(HAVE_HPUX9) && !defined(HAVE_HPUX10_20) && !defined(sinix)
    if (dlbindreq(p->fd, 0, ebuf) < 0 ||
            dlbindack(p->fd, (char *)buf, ebuf) < 0)
        goto bad;
#endif

    if (promisc) {
        /*
        ** Enable promiscuous
        */
        if (dlpromisconreq(p->fd, DL_PROMISC_PHYS, ebuf) < 0 ||
                dlokack(p->fd, "promisc_phys", (char *)buf, ebuf) < 0)
            goto bad;

        /*
        ** Try to enable multicast (you would have thought
        ** promiscuous would be sufficient). (Skip if using
        ** HP-UX or SINIX)
        */
#if !defined(__hpux) && !defined(sinix)
        if (dlpromisconreq(p->fd, DL_PROMISC_MULTI, ebuf) < 0 ||
                dlokack(p->fd, "promisc_multi", (char *)buf, ebuf) < 0)
            fprintf(stderr,
                    "WARNING: DL_PROMISC_MULTI failed (%s)\n", ebuf);
#endif
    }
    /*
    ** Try to enable sap (when not in promiscuous mode when using
    ** using HP-UX and never under SINIX)
    */
#ifndef sinix
    if (
#ifdef __hpux
        !promisc &&
#endif
        (dlpromisconreq(p->fd, DL_PROMISC_SAP, ebuf) < 0 ||
         dlokack(p->fd, "promisc_sap", (char *)buf, ebuf) < 0)) {
        /* Not fatal if promisc since the DL_PROMISC_PHYS worked */
        if (promisc)
            fprintf(stderr,
                    "WARNING: DL_PROMISC_SAP failed (%s)\n", ebuf);
        else
            goto bad;
    }
#endif

    /*
    ** HP-UX 9 and HP-UX 10.20 must bind after setting promiscuous
    ** options)
    */
#if defined(HAVE_HPUX9) || defined(HAVE_HPUX10_20)
    if (dlbindreq(p->fd, 0, ebuf) < 0 ||
            dlbindack(p->fd, (char *)buf, ebuf) < 0)
        goto bad;
#endif

    /*
    ** Determine link type
    */
    if (dlinforeq(p->fd, ebuf) < 0 ||
            dlinfoack(p->fd, (char *)buf, ebuf) < 0)
        goto bad;

    infop = &((union DL_primitives *)buf)->info_ack;
    switch (infop->dl_mac_type) {

    case DL_CSMACD:
    case DL_ETHER:
        p->linktype = DLT_EN10MB;
        p->offset = 2;
        break;

    case DL_FDDI:
        p->linktype = DLT_FDDI;
        p->offset = 3;
        break;

    default:
        sprintf(ebuf, "unknown mac type 0x%lu", infop->dl_mac_type);
        goto bad;
    }

#ifdef	DLIOCRAW
    /*
    ** This is a non standard SunOS hack to get the ethernet header.
    */
    if (strioctl(p->fd, DLIOCRAW, 0, NULL) < 0) {
        sprintf(ebuf, "DLIOCRAW: %s", pcap_strerror(errno));
        goto bad;
    }
#endif

#ifdef HAVE_SYS_BUFMOD_H
    /*
    ** Another non standard call to get the data nicely buffered
    */
    if (ioctl(p->fd, I_PUSH, "bufmod") != 0) {
        sprintf(ebuf, "I_PUSH bufmod: %s", pcap_strerror(errno));
        goto bad;
    }

    /*
    ** Now that the bufmod is pushed lets configure it.
    **
    ** There is a bug in bufmod(7). When dealing with messages of
    ** less than snaplen size it strips data from the beginning not
    ** the end.
    **
    ** This bug is supposed to be fixed in 5.3.2. Also, there is a
    ** patch available. Ask for bugid 1149065.
    */
    ss = snaplen;
#ifdef HAVE_SOLARIS
    release = get_release(&osmajor, &osminor, &osmicro);
    if (osmajor == 5 && (osminor <= 2 || (osminor == 3 && osmicro < 2)) &&
            getenv("BUFMOD_FIXED") == NULL) {
        fprintf(stderr,
                "WARNING: bufmod is broken in SunOS %s; ignoring snaplen.\n",
                release);
        ss = 0;
    }
#endif
    if (ss > 0 &&
            strioctl(p->fd, SBIOCSSNAP, sizeof(ss), (char *)&ss) != 0) {
        sprintf(ebuf, "SBIOCSSNAP: %s", pcap_strerror(errno));
        goto bad;
    }

    /*
    ** Set up the bufmod flags
    */
    if (strioctl(p->fd, SBIOCGFLAGS, sizeof(flag), (char *)&flag) < 0) {
        sprintf(ebuf, "SBIOCGFLAGS: %s", pcap_strerror(errno));
        goto bad;
    }
    flag |= SB_NO_DROPS;
    if (strioctl(p->fd, SBIOCSFLAGS, sizeof(flag), (char *)&flag) != 0) {
        sprintf(ebuf, "SBIOCSFLAGS: %s", pcap_strerror(errno));
        goto bad;
    }
    /*
    ** Set up the bufmod timeout
    */
    if (to_ms != 0) {
        struct timeval to;

        to.tv_sec = to_ms / 1000;
        to.tv_usec = (to_ms * 1000) % 1000000;
        if (strioctl(p->fd, SBIOCSTIME, sizeof(to), (char *)&to) != 0) {
            sprintf(ebuf, "SBIOCSTIME: %s", pcap_strerror(errno));
            goto bad;
        }
    }
#endif

    /*
    ** As the last operation flush the read side.
    */
    if (ioctl(p->fd, I_FLUSH, FLUSHR) != 0) {
        sprintf(ebuf, "FLUSHR: %s", pcap_strerror(errno));
        goto bad;
    }
    /* Allocate data buffer */
    p->bufsize = MAXDLBUF * sizeof(bpf_u_int32);
    p->buffer = (u_char *)malloc(p->bufsize + p->offset);

    return (p);
bad:
    free(p);
    return (NULL);
}