Re: packet loss statistics under Linux

[Guy Harris <gharris () sonic net>]

On Mon, Jul 30, 2001 at 01:08:48PM +0700, Fyodor wrote:
> There are still lots of dodgy issues with libpcap on linux, i.g. why the
> darn timeout doesn't work properly on linux still.. among the other
> things!

If by "the darn timeout doesn't work properly in linux still" you mean
"the timer doesn't expire until after at least one packet has arrived",
that is *NOT* unique to Linux; the same applies on Solaris.

I'm also not sure why it's necessary that the timer go off even if no
packets have arrived - if the intent is to handle both user input and
packet input, why not use "select()" or "poll()" (other than "the
program also has to work with WinPcap, and the Windows WaitFor calls
don't yet seem to work on the event handle", which they say is fixed in
WinPcap 2.2 beta)?

The "select()" or "poll()" needs to have a timeout, due to BSD (other
than, I think, recent OpenBSD) mishandling "select()" on BPF devices,
and you have to put the descriptor into non-blocking mode, but that
should work.

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users