tcpdump mailing list archives
Re: pcap_loop - any other option that won't block
From: Gianluca Varenni <Gianluca.Varenni () riverbed com>
Date: Thu, 5 May 2011 15:24:58 -0700
I would just perform the capture in a separate thread.

Have a nice day
GV

-----Original Message-----
From: tcpdump-workers-owner () lists tcpdump org [mailto:tcpdump-workers-owner () lists tcpdump org] On Behalf Of Jeff Garrett
Sent: Thursday, May 05, 2011 8:30 AM
To: tcpdump-workers () lists tcpdump org
Subject: [tcpdump-workers] pcap_loop - any other option that won't block while sniffing for infinite time

Hi.

I am looking to set up a kind of a sniffer manager in C that is cross platform (Windows, Linux). I have everything working in both platforms, with the exception of one thing - the main sniffing loop. So far, the code I have used is nothing that I haven't already seen online in various places.

Basically, I want a client to be able to issue commands to a "manager" that manages the interfaces and performs sniffing on them. E.g. Step 1 is I want to list the interfaces, so I created a function to print the info on the screen after calling pcap_lookupdevs() function. Step 2 is to start sniffing on a particular device (e.g. the name of one of the devices returned from previous function) using any BPF filter. Again, I get the code, using pcap_open_live() and pcap_compile() and pcap_setfilter().

My problem is with the sniffing loop part of it. I want to be able to return from Step 2 and say "yes, sniffing was started successfully" or "no there was an error". I also want the sniffing to occur infinitely, or until I say stop (via pcap_breakloop() function). In addition, I want to be able to issue other calls, like getting the received/dropped packets stats for the network device (which I have the code for), and stopping the sniffing and printing the final statistics and closing the handle to the device. But, I can't seem to do that because the code is always blocking on pcap_loop() or pcap_dispatch(), which I know it's expected to. I have a global array of handles and device names for which I am sniffing.

Are there any good ideas for this kind of functionality? Is creating a thread and calling the pcap_loop function a good idea? Is there any example code of doing that?

Please advise. Thanks.

Jeff

- This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- pcap_loop - any other option that won't block while sniffing for infinite time Jeff Garrett (May 05)
- Re: pcap_loop - any other option that won't block while sniffing for infinite time Guy Harris (May 05)
- Re: pcap_loop - any other option that won't block Gianluca Varenni (May 05)