jbittel / httpry

HTTP logging and information retrieval tool

Home Page: dumpsterventures.com/jason/httpry

10g EndaceDAG Data Capture Card support

megamegamega opened this issue

Hello,

I love httpry for copper interfaces. I recently purchased a 10g EndaceDAG Data Capture Card and attempted to make httpry look at the dag0 interface without success (error below). I'm able to get this to work with bro and tcpdump without issue. Any ideas on how I can get httpry to recognize this device like bro/tcpdump does? I suspect it lies somewhere in the libpcap module, but that's outside my capabilities at the moment. Looking to see if anyone else has ideas or has experienced a similar issue. Redhat 6.5 OS.

"httpry version 0.1.8 -- HTTP logging and information retrieval tool
Copyright (c) 2005-2014 Jason Bittel jason.bittel@gmail.com
Error: Cannot open live capture on 'dag0': dag0: No such device exists (SIOCGIFHWADDR: No such device)
Caught SIGINT, shutting down..."

"tcpdump -i dag0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on dag0, link-type EN10MB (Ethernet), capture size 262144 bytes
...
73 packets captured
73 packets received by filter
0 packets dropped by kernel"

Card reference:
http://www.endace.com/products/endacedag-data-capture-cards/features/

Thanks!

Looks like httpry calls:
libpcap.so.1 => /usr/lib64/libpcap.so.1

The DAG card works with tcpdump that calls:
libdag.so.5 => /usr/lib64/libdag.so.5

I need to learn more about makefile and how executables like this are made.

BEHOLD INTERNET FOR I CAN FINALLY CONTRIBUTE SOMETHING TO THE OPEN SOURCE WORLD!

cd /path/to/httpry install directory
mv httpry httpry.bak
vi Makefile
modify LIBS to look like:
LIBS = -lcrypto ../libpcap-1.7.3/libpcap.a -ldag -lpthread -lm -pthread

:wq!
httpry -i dag0

BOOM IT WORKS

Great, glad you were able to get it working. Thanks for sharing the solution!
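
The linkage check used in the thread (comparing which shared libraries httpry and tcpdump load) can be scripted. This is an added example, not part of the original thread or of httpry; the function name `dag_link_status`, its three result labels, and the sample inputs are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: classify a binary's capture-library linkage from ldd-style
# output read on stdin. Prints one of:
#   dag-linked        libdag.so appears in the dependency list
#   pcap-without-dag  dynamic libpcap.so appears, libdag.so does not
#   no-dynamic-pcap   neither appears (libpcap may be static or unused)
# Typical use on a binary you trust:  ldd ./httpry | dag_link_status
# (ldd can execute code from the file it inspects, so avoid it on
# untrusted binaries.)
dag_link_status() {
    has_pcap=0
    has_dag=0
    # read strips leading whitespace; the first field is the library soname.
    while read -r soname _rest || [ -n "$soname" ]; do
        case "$soname" in
            libpcap.so*) has_pcap=1 ;;
            libdag.so*)  has_dag=1 ;;
        esac
    done
    if [ "$has_dag" -eq 1 ]; then
        echo dag-linked
    elif [ "$has_pcap" -eq 1 ]; then
        echo pcap-without-dag
    else
        echo no-dynamic-pcap
    fi
}

# Constructed samples: the libpcap and libdag lines are the ones quoted in
# the thread; the load addresses and the libc line are made up.
SAMPLE_HTTPRY_BEFORE='    libpcap.so.1 => /usr/lib64/libpcap.so.1 (0x0000000000000000)
    libc.so.6 => /lib64/libc.so.6 (0x0000000000000000)'
SAMPLE_TCPDUMP='    libdag.so.5 => /usr/lib64/libdag.so.5 (0x0000000000000000)
    libc.so.6 => /lib64/libc.so.6 (0x0000000000000000)'
SAMPLE_NO_PCAP='    libc.so.6 => /lib64/libc.so.6 (0x0000000000000000)'

printf '%s\n' "$SAMPLE_HTTPRY_BEFORE" | dag_link_status
printf '%s\n' "$SAMPLE_TCPDUMP" | dag_link_status
```

A binary linked as in the modified `LIBS` line (static `libpcap.a` plus `-ldag`) would be expected to report `dag-linked`, since the static libpcap no longer shows up as a shared dependency while libdag does.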