New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Linux 4.4.0] No interfaces found when connecting Wireshark client to compiled rpcapd daemon #666
Comments
What OS is the rpcap client running? Is the rpcap client also using libpcap built from the current master? Do you have a network trace of the rpcap traffic? |
Try it with the current tip of the master branch; 2972769 fixes a bug where protocol version negotiation didn't work. That does, however, show a Wireshark bug - the error dialog should have said "The server doesn't support any protocol version that we support", but the Wireshark code doesn't properly handle getting an actual error from |
This means try building rpcapd for the server from the current tip of the master branch AND, if you built Wireshark on the client with a libpcap built from the master branch, try building Wireshark on the client with a libpcap built from the current tip of the master branch - the bug was in both the client and server side. |
CANT_GET_INTERFACE_LIST does *NOT* mean "No remote interfaces found.", as in "there are no remote interfaces"; a NULL return from get_remote_interface_list() and an err value of 0 means that. CANT_GET_INTERFACE_LIST means "something bad happened and the error string says what it is". Display that error string, so when people report problems: the-tcpdump-group/libpcap#666 they'll give the actual error message, and I'll fix my breakage of the rpcap protocol negotiation: the-tcpdump-group/libpcap@2972769 rather than just wondering what the problem was and asking the reporter of the problem for more information. Report anything other than "there are no remote interfaces" as an error, not a warning. Change-Id: Ia9381953d080e037254f21e47ee7ecc4619b7254 Reviewed-on: https://code.wireshark.org/review/24627 Reviewed-by: Guy Harris <guy@alum.mit.edu> (cherry picked from commit ae65dc2) Reviewed-on: https://code.wireshark.org/review/24628
CANT_GET_INTERFACE_LIST does *NOT* mean "No remote interfaces found.", as in "there are no remote interfaces"; a NULL return from get_remote_interface_list() and an err value of 0 means that. CANT_GET_INTERFACE_LIST means "something bad happened and the error string says what it is". Display that error string, so when people report problems: the-tcpdump-group/libpcap#666 they'll give the actual error message, and I'll fix my breakage of the rpcap protocol negotiation: the-tcpdump-group/libpcap@2972769 rather than just wondering what the problem was and asking the reporter of the problem for more information. Report anything other than "there are no remote interfaces" as an error, not a warning. Change-Id: Ia9381953d080e037254f21e47ee7ecc4619b7254 Reviewed-on: https://code.wireshark.org/review/24627 Reviewed-by: Guy Harris <guy@alum.mit.edu>
CANT_GET_INTERFACE_LIST does *NOT* mean "No remote interfaces found.", as in "there are no remote interfaces"; a NULL return from get_remote_interface_list() and an err value of 0 means that. CANT_GET_INTERFACE_LIST means "something bad happened and the error string says what it is". Display that error string, so when people report problems: the-tcpdump-group/libpcap#666 they'll give the actual error message, and I'll fix my breakage of the rpcap protocol negotiation: the-tcpdump-group/libpcap@2972769 rather than just wondering what the problem was and asking the reporter of the problem for more information. Report anything other than "there are no remote interfaces" as an error, not a warning. Change-Id: Ia9381953d080e037254f21e47ee7ecc4619b7254 Reviewed-on: https://code.wireshark.org/review/24627 Reviewed-by: Guy Harris <guy@alum.mit.edu> (cherry picked from commit ae65dc2) Reviewed-on: https://code.wireshark.org/review/24629
Fixed in Wireshark change 24627 and in the backports to 2.4 and 2.2. |
rpcap client OS is Windows 10.0.14393. Off topic, but is there a way to run an rpcap client off *nix?
The rpcap client is not using libpcap built from current master. Its libpcap version within Wireshark 2.2.6 appears to be libpcap 1.0 branch 1_0_rel0b (20091008).
I do not have a network trace.
I can confirm that this appears to fix the issue! Pulled master (commit 2972769) and there was no error upon connecting the client. Capturing seems to work as expected. Thanks for the quick response and work! |
Yes, but you have to build libpcap yourself (I'd suggest using the tip of the master branch), configuring it with
OK, that one doesn't have the bug I introduced, so replacing the rpcapd is sufficient.
Not needed - it showed up with tcpdump (built on *nix - macOS - with tip-of-the-master branch libpcap) when I was doing some other rpcap testing, and it, unlike Wireshark, actually reported the real problem, so it was easier to diagnose. |
Rpcapd complied from current master, commit
800fff521b3a90300d03af880b4626ede13c57bd
.Details of system compiling/running rpcapd:
Compiling process:
And daemon started with:
The following outputs to stdout when client attempts to connect:
The rpcap client is running Wireshark v2.2.6-0-g32dac6a. That Wireshark instance displays error window noting "No remote interfaces found".
The text was updated successfully, but these errors were encountered: