# ssldump: PCAP: syntax error



## setevoy (Jan 22, 2014)

I'm use:


```
# uname -ro
FreeBSD 9.0-RELEASE-p3
```

And latest ssldump:


```
# pkg_info | grep ssldump
ssldump-0.9b3_4     SSLv3/TLS network protocol analyzer
```

When I try start it with decryption - got error:

```
# ssldump -Xnd -i em0 port 8443 -k name.pem -p password
PCAP: syntax error
```

I have installed libpcap:


```
# pkg_info | grep libpcap
dnstop-20121017     Captures and analyzes DNS traffic (or analyzes libpcap dump
libpcap-1.4.0       Ubiquitous network traffic capture library
```

I found one reference about possible problems with some network interfaces in ssldump man-page:



> Support is provided for only for Ethernet and loopback interfaces



So I tried to run ssldump with lo0:


```
# ssldump -Xnd -i lo0 port 8443 -k name.pem -p password
PCAP: syntax error
```

So - how I can run ssldump with packet decryption? Where is my mistake? 
Thanks.


----------



## setevoy (Jan 22, 2014)

Any "additional" option must be used before "specified" (or vice versa in this definitions ).

Wrong way:

`# ssldump -i em0 port 8443 -a
PCAP: syntax error`

Right way:

`# ssldump -a -i em0 port 8443`


```
PCAP: syntax error
```
 Here means error in ssldump start options - not anywhere in system configuration.


----------



## SirDice (Jan 22, 2014)

setevoy said:
			
		

> ```
> # uname -ro
> FreeBSD 9.0-RELEASE-p3
> ```


FreeBSD 9.0-RELEASE is not supported any more since March 2013. Please upgrade to either 9.1 or 9.2.

http://www.freebsd.org/security/unsupported.html


----------

