on Solaris 10 pcap_findalldevs() returns no data when in a zone

[infrastation]

Solaris 10 is the only OS that uses fad-glifc.c, and apparently the code does not work (this applies to both the current master branch and the latest release):

./testprogs/findalldevstest | wc -l
       0

./tcpdump --version                 
tcpdump version 5.0.0-PRE-GIT
libpcap version 1.10.5
OpenSSL 1.0.2u  20 Dec 2019
SMI-library: 0.5.0
32-bit build, 32-bit time_t

./tcpdump -D | wc -l                
       0

At the same time, running ifconfig -a from the same terminal returns a few network interfaces.

[infrastation]

This is because in fad-glifc.c:pcapint_findalldevs_interfaces() the argument check_usable is is_dlpi_interface(), and the latter (in the Solaris branch) is not finding the device under /dev/, which has no network interfaces at all (likely because this is a zone). However, this does not prevent ifconfig from working and returning both inet and inet6 addresses.

[guyharris]

For the current master branches of libpcap and tcpdump, on my Solaris 10 VM:

solaris10$ uname -a
SunOS solaris10 5.10 Generic_147148-26 i86pc i386 i86pc
solaris10$ ./tcpdump --version
tcpdump version 5.0.0-PRE-GIT
libpcap version 1.11.0-PRE-GIT
32-bit build, 32-bit time_t
solaris10$ ./tcpdump -D
1.e1000g0 [Up, Running, Connection status unknown]

[infrastation]

The zone where this reproduces has three interfaces, all of which have a : in the interface name and no device under /dev/.

[guyharris]

Traffic capture in a zone appears to require special configuration:

https://community.spiceworks.com/t/need-help-in-capturing-network-traffic-on-solaris-10-local-zone/877396/2

https://docs.oracle.com/cd/E19044-01/sol.containers/817-1592/geprv/index.html

An exclusive-IP zone is assigned its own set of data-links using the zonecfg command. The zone is given a data-link name such as xge0, e1000g1, or bge32001, using the physical property of the netresource. The address property of the net resource is not set.

Note that the assigned data-link enables the snoop command to be used.

https://forums.oracle.com/ords/apexds/post/snoop-in-zones-2831

https://www.unixarena.com/2013/05/how-to-use-snoop-in-solaris.html/

[infrastation]

Pardon my ignorance. It seem worth to note this in the man pages of pcap_findalldevs() and pcap_create(). Also maybe in doc/README.solaris.md.

[guyharris]

Pardon my ignorance.

Today I Learned that there's an issue with capturing in a zone with DLPI, so no problem.

It seem worth to note this in the man pages of pcap_findalldevs() and pcap_create(). Also maybe in doc/README.solaris.md.

It might also be worth having pcap_activate() return PCAP_ERROR_CAPTURE_NOTSUP for that case, and if this is running in a zone, provide a message suggesting that the zone might not allow that.