TCP IP Illustrated

It doesnt require special permission to enable the

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: ess to the NIT device is restricted to the superuser. The BSD Packet Filter uses a different technique: access is controlled by the permissions on the devices /dev/bpfXX. Normally these devices are readable and writable only by the owner (which should be the superuser) and readable by the group (often the system administration group). This means normal users can't run programs such as tcpdump, unless the system administrator makes the program set-user-ID. A.6 Socket Debug Option Another way to see what's going on with a TCP connection is to enable socket debugging, on systems that support this feature. This feature works only with TCP (not with other protocols) and requires application support (to enable a socket option when it's started). Most Berkeley-derived implementations support this, including SunOS, 4.4BSD, and SVR4. The program enables a socket option, and the kernel then keeps a trace record of what happens on that connection. At some later time all this information can be output by running the program trpt(8). It doesn't require special permission to enable the socket debug option, but it requires special privileges to run trpt, since it accesses the kernel's memory. Our sock program (Appendix C) supports this feature with its -D option, but the information output is harder to decipher and understand than the corresponding tcpdump output. We do, however, use it in Section 21.4 to look at kernel variables in the TCP connection block that tcpdump cannot access. file:///D|/Documents%20and%20Settings/bigini/Docu...homenet2run/tcpip/tcp-ip-illustrated/append_a.htm (7 of 7) [12/09/2001 14.47.59] Appendix B: Computer Clocks Computer Clocks Since most of the examples in this text measure a time interval, we need to describe in more detail the type of timekeeping used by current Unix systems. The following description applies to the systems being used for the examples in this book, and for most Unix systems. Additional details are given in Sections 3.4 and 3.5 of [Leffler et al. 1989]. The hardware gen...
View Full Document

Ask a homework question - tutors are online