Re: What is meant by the callback function

["Guy Harris" <guy () alum mit edu>]

Varuna De Silva wrote:

> 1. what is really meant by the callback routine, what does it do? How
> should I write this function?where should this be written. please be kind
> to guide me to starting place. my idea is that it is the higher layer sw
> which makes use of libpcap.

Yes, the callback function is in the higher-layer software that uses
libpcap/WinPcap.  tcpdump, for example, has two callback functions that
write raw packet data to a capture file and one callback function that
dissects the packet and prints the dissection; other programs such as
Wireshark/TShark, snort, etc. have their own callback functions.

The callback function processes the packet data handed to it as the third
argument, and the packet time stamp and length information in the
structure passed to it as the second argument.

If you're modifying libpcap to support a new type of capture, you don't
write the callback function, you write code in the read_op routine to call
the callback function; a pointer to the callback function is passed to the
read_op routine.


-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.