tcpdump mailing list archives
Re: code available: netmap support for libpcap
From: Luigi Rizzo <rizzo () iet unipi it>
Date: Sat, 15 Feb 2014 23:10:05 +0100
On Sat, Feb 15, 2014 at 01:41:41PM -0800, Guy Harris wrote:
On Feb 15, 2014, at 12:17 PM, Luigi Rizzo <rizzo () iet unipi it> wrote:+ p->linktype = DLT_EN10MB;So this either 1) only works on Ethernet devices and devices that supply Ethernet headers or 2) generates Ethernet headers that replace the native link-layer headers for devices that don't supply Ethernet headers?
it is #1.
@@ -307,6 +311,9 @@ struct capture_source_type { int (*findalldevs_op)(pcap_if_t **, char *); pcap_t *(*create_op)(const char *, char *, int *); } capture_source_types[] = { +#ifdef PCAP_SUPPORT_NETMAP + { NULL, pcap_netmap_create }, +#endif #ifdef HAVE_DAG_API { dag_findalldevs, dag_create }, #endifThis means that "tcpdump -D/tshark -D" and the Wireshark GUI won't show netmap or vale devices; for command-line tools, this means you have to enter those devices manually, but it might make it impossible to capture on those devices in the Wireshark GUI. Can you enumerate the netmap and vale devices? If so, you should have a findalldevs routine.
Netmap works at least on any interface visible to the OS (in native or emulated mode, the latter with some limitations e.g not when the interface is bound to a switch), but ports of VALE switches and netmap pipes are dynamically created so any name that starts with netmap: and vale results in a valid netmap port. Also, when a port is in netmap mode is temporarily disconnected from the host stack, so you want to be careful on where you use it. The monitoring folks (bro, suricata...) will probably love this feature but for others it might be more problematic. I did have a findalldevs routine in earlier versions of the code (mostly copying the one in pcap-bpf; perhaps i could even hook on those), but removed it because it can only return a partial list of ports and i thought it would not be very useful. cheers luigi _______________________________________________ tcpdump-workers mailing list tcpdump-workers () lists tcpdump org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Current thread:
- code available: netmap support for libpcap Luigi Rizzo (Feb 15)
- Re: code available: netmap support for libpcap Michael Richardson (Feb 15)
- Re: code available: netmap support for libpcap Luigi Rizzo (Feb 15)
- Re: code available: netmap support for libpcap Guy Harris (Feb 15)
- Re: code available: netmap support for libpcap Luigi Rizzo (Feb 15)
- Re: code available: netmap support for libpcap Michael Richardson (Feb 15)
- Re: code available: netmap support for libpcap Guy Harris (Feb 15)
- Re: code available: netmap support for libpcap Luigi Rizzo (Feb 15)
- Re: code available: netmap support for libpcap Luigi Rizzo (Feb 15)
- Re: code available: netmap support for libpcap Luigi Rizzo (Feb 15)
- Re: code available: netmap support for libpcap Michael Richardson (Feb 15)
- Re: code available: netmap support for libpcap Luigi Rizzo (Feb 15)
- Re: code available: netmap support for libpcap Michael Richardson (Feb 15)
- Re: code available: netmap support for libpcap Guy Harris (Feb 27)
- Re: code available: netmap support for libpcap Luigi Rizzo (Feb 27)
- Re: code available: netmap support for libpcap Guy Harris (Feb 27)
- Message not available
- Re: code available: netmap support for libpcap Guy Harris (Feb 27)
- Re: code available: netmap support for libpcap Luigi Rizzo (Feb 27)
- Re: code available: netmap support for libpcap Guy Harris (Feb 27)