Back to Top

Friday, August 13, 2010

Problems (and a semi-solution) for tcpdump with DAG cards


Documenting here for posterity, since I didn't find much information about it on the 'net:

Disclaimer: I'm not a network head, just an amateur who dabbles with it when he needs to fix a problem.

Given one Ninjabox (the nickname for packet capture boxes from Endace) with a DAG card (some kind of custom packet capture network card from the same company), you could get the following error when trying to use tcpdump on the dag interface:

tcpdump: dag_attach_stream: Permission denied

The problem seems to be unrelated to your privilege level (you will get this even if you are running as root), but rather to the fact that some other program is/was using the particular interface. You can quickly check this by doing a lsof | grep dag0. In my case it was softflowd. But even after killing the softflowd process, I was getting the same error message. I had to reset the card using the following commands:

/etc/init.d/dag_drivers_load stop
/etc/init.d/dag_drivers_load start

After this tcpdump worked like a charm. Hope that this information will save people from searching around as I had to do.

Off topic minirant: why use custom hardware / software? In my experience they almost never deliver the performance they promise and are hard to troubleshoot because of lack of information.

shuttledirect review


The purpose of this website is to offer prebookable Airport taxi transfers. This means that you can rent a transportation method to/from the airport before you even embark on your journey.

Is it worth it? I have to admit that I'm far from being a big traveler, but until now every airport I've been to offers many ways to travel to the nearest city which are clearly marked. Also, this site is an aggregator of local offerings (it doesn't provide the services itself), which means that the quality may vary between different parts.

The trustlevel I have in the site (since security is a feeling, not some objective thing for most people) is medium for several reasons:

  • They exist since a long time (since 2002), which is good, but don't have the proper SSL setup (which is bad, especially for a site which wants to take my money)
  • They don't run on a dedicated server, although probably the other sites hosted on the same server belong to the same company (so not as bad as using shared hosting)
  • The different security logos which they present are not linked to the respective organizations (you can't click on them to access the information the third-party has about the site)

Considering all the above, plus the fact that I never felt the need for such a service, I am somewhat reticent to recommend it, but it might work for other people.

Full disclosure: this is a paid review from ReviewMe. Under the terms of the understanding I was not obligated to skew my viewpoint in any way (ie. only post positive facts).