Bug 22008 - tcpdump: pcap_loop: poll: Interrupted system call
Summary: tcpdump: pcap_loop: poll: Interrupted system call
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: tcpdump
Version: 7.0
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Harald Hoyer
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2000-12-09 23:17 UTC by Pekka Savola
Modified: 2008-05-01 15:37 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2001-01-22 15:37:17 UTC
Embargoed:

Attachments (Terms of Use)

Description Pekka Savola 2000-12-09 23:17:34 UTC 
if you launch tcpdump and stop the process with CTRL-Z before anything is output,
you get interrupted system call error and tcpdump dies when you 'fg':

---
# /usr/sbin/tcpdump -n port not ssh
Kernel filter, protocol ALL, TURBO mode (575 frames), datagram packet socket
tcpdump: listening on all devices

[1]+  Stopped                 /usr/sbin/tcpdump -n port not ssh
# fg
/usr/sbin/tcpdump -n port not ssh
tcpdump: pcap_loop: poll: Interrupted system call
---

This works correctly after you have received something from the network 
and it has been output. If traffic is filtered out (e.g. port not ssh), it doesn't count.

This also works correctly with the same tcpdump rebuilt on RHL62.
Comment 1 Harald Hoyer 2001-01-22 15:12:11 UTC 
works for me with glibc-2.2-9 and kernel-2.2.16-22...
Comment 2 Pekka Savola 2001-01-22 15:37:14 UTC 
Hmm.  This only happens with 2.4.* kernels it seems.  Either the one in preview
directory
or Rawhide (kernel-2.4.0-0.43.12).

The difference seems to be TURBO mode in:

Kernel filter, protocol ALL, TURBO mode (575 frames), datagram packet socket
Note You need to log in before you can comment on or make changes to this bug.