Tcpdump "filtering not implemented" on Marvell WRT1200AC v1

I'm new to OpenWrt (previously used DD-WRT). So far it's been great! However...

I'm trying to use 'tcpdump' on my WRT1200AC (ver. 1) router. With no filter expression it seems to work. But whenever I try to specify any filter expression I get this message:

tcpdump: Marvell EDSA link-layer type filtering not implemented

Is this the expected result, that I can't use tcpdump filter expressions on my Marvell-based router?
If so, is this at all likely to change?

OpenWrt 23.05.3, r23809-234f1a2efa
tcpdump 4.99.4-1 with libpcap1 1.10.4-1

The return kinda says our libpcap library does not support filtering for this particular link-layer type (EDSA).

I don’t know squat about DD-WRT, but just grasping at straws, these targets were one of the first to migrate to kernel Distributed Switch Architecture (DSA) in OpenWrt.

Got a sample filter string?

Hopefully someone far, far more knowledgeable sees this and can comment.

tcpdump is the latest and it does not yet support Marvell DSA tag decoding, which you only get on the DSA parent device.
Just capture on sub-interfaces and you will be fine.
Unless you file reports with relevant details nothing will change; I can run tcpdump -i lo on x86 and Marvell alike.
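Why a plain filter expression cannot be applied on the DSA parent device, shown as an added example that is not part of any post in this thread: on that device each frame carries an EDSA tag between the MAC addresses and the real EtherType, so every offset a normal Ethernet filter relies on is shifted. The sketch assumes the EDSA layout used by the Linux kernel's Marvell tagger (EtherType 0xDADA, 2 reserved bytes, 4-byte DSA tag); the frames, MAC addresses, tag bytes and function names are constructed for illustration.

```python
import socket
import struct

ETH_P_EDSA = 0xDADA   # EtherType that introduces the EDSA tag
EDSA_HLEN = 8         # 0xDADA + 2 reserved bytes + 4-byte DSA tag
ETH_P_IP = 0x0800

def strip_edsa(frame: bytes) -> bytes:
    """Return the frame as plain Ethernet, dropping an EDSA tag if present."""
    if len(frame) >= 14 and struct.unpack("!H", frame[12:14])[0] == ETH_P_EDSA:
        if len(frame) < 12 + EDSA_HLEN + 2:
            raise ValueError("truncated EDSA frame")
        return frame[:12] + frame[12 + EDSA_HLEN:]
    return frame

def matches_dst_host_port(frame: bytes, host: str, port: int) -> bool:
    """Offline equivalent of 'dst host HOST and dst port PORT' (IPv4 only)."""
    eth = strip_edsa(frame)
    if len(eth) < 34 or struct.unpack("!H", eth[12:14])[0] != ETH_P_IP:
        return False
    ip = eth[14:]
    ihl = (ip[0] & 0x0F) * 4
    if ip[9] not in (6, 17) or len(ip) < ihl + 4:   # TCP or UDP only
        return False
    if struct.unpack("!H", ip[6:8])[0] & 0x1FFF:    # later fragment: no L4 header
        return False
    dport = struct.unpack("!H", ip[ihl + 2:ihl + 4])[0]
    return ip[16:20] == socket.inet_aton(host) and dport == port

def build_sample(tagged: bool) -> bytes:
    """Constructed DNS query frame, 10.0.1.50 -> 10.0.1.14 UDP port 53."""
    macs = bytes.fromhex("020000000001" "020000000002")        # constructed MACs
    tag = bytes.fromhex("dada0000" "c0080000") if tagged else b""  # constructed tag
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 17, 0,
                     socket.inet_aton("10.0.1.50"), socket.inet_aton("10.0.1.14"))
    udp = struct.pack("!HHHH", 40000, 53, 8, 0)
    return macs + tag + struct.pack("!H", ETH_P_IP) + ip + udp

if __name__ == "__main__":
    tagged = build_sample(tagged=True)
    # Read as plain Ethernet, the tagged frame's EtherType is 0xDADA, not IPv4.
    print(hex(struct.unpack("!H", tagged[12:14])[0]))
    print(matches_dst_host_port(tagged, "10.0.1.14", 53))
```
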

Thank you both -- this was very helpful to me. Indeed, if I specify the -i option, the filter expression is accepted without the "not implemented" message.

I'm still quite a networking novice and I was trying to keep the command simple, just to see if it worked. The simplest examples in the man page were along the lines of tcpdump host myhostname, which gives the "not implemented" message.
tcpdump man page

I'm trying to dump the DNS requests going to my Raspberry Pi which runs dnsmasq as part of a "pi-hole" ad blocker. I'm trying to use something like tcpdump -i br-lan 'dst host 10.0.1.14 and dst port domain' although that doesn't seem to produce any output...

Thanks for the pointers -- I'll play around with it some more!

I am afraid your question is too vague. To capture traffic you have to be mitm.
