why does pcap_dispatch return 0?

[liu wen <caonimagongling () gmail com>]

I'm using libpcap and libevent in a program.


the related source codes are:
--------------------------------------------------------------------------------------------------------------------------------------------
const u_int16_t RELAY_PORT = 8000;

pcap_t *create_pcap(const void *dev, pcap_style_t style)
{
        pcap_t *handle;                 /* Session handle */
   struct bpf_program fp;          /* The compiled filter */
        bpf_u_int32 mask;               /* The netmask */
        bpf_u_int32 net;                /* The IP subnet*/
        const struct pcap_pkthdr* pcap_header;   /* A pointer to
pcap_pkthdr structure */
        const u_char *pcap_packet;           /* The captured packet */

char interface[20];
        strcpy(interface, dev);

/* Find the properties for the network interface */
if (pcap_lookupnet(interface, &net, &mask, errbuf) == -1) {
fprintf(stderr, "Pcap counldn't get netmask for device %s: %s\n",
interface, errbuf);
net = 0;
mask = 0;
}


        handle = pcap_open_live(interface, BUFSIZ, 0, 0, errbuf);
        if (handle == NULL) {
fprintf(stderr, "Pcap open live capture failure: %s\n", errbuf);
                exit(1);
        }

sprintf(filter_exp, "tcp[tcpflags] & (tcp-syn|tcp-ack) == (tcp-syn|tcp-ack)
&& src port %d || dst port %d", RELAY_PORT, RELAY_PORT);

        /* Compile and apply the filter */
        if (pcap_compile(handle, &fp, filter_exp, 0, mask) == -1) {
fprintf(stderr, "Pcap parse filter failure: %s\n", pcap_geterr(handle));
        exit(1);
}

        if (pcap_setfilter(handle, &fp) == -1) {
fprintf(stderr, "Pcap couldn't install filter: %s\n", pcap_geterr(handle));
        exit(1);
}
if(style == NONBLOCKING){
if(pcap_setnonblock(handle, 1, errbuf) == -1){
        fprintf(stderr, "Pcap set non-blocking fails: %s\n", errbuf);
                exit(1);
}
}
return handle;
}

//////////////////////////////////////////////////

void on_capture(int pcapfd, short op, void *arg)
{
    int res;
#ifdef DEBUG
printf("on capture \n");
#endif
pcap_t *handle;
handle = (pcap_t *)arg;
fqueue_t* pkt_queue;

/* put all packets in the buffer into the packet FIFO queue
* and then process these packets
* */
pkt_queue = init_fqueue();
res = pcap_dispatch(handle, -1, collect_pkt, (u_char *)pkt_queue);
#ifdef DEBUG
printf("pcap_dispatch() returns %d\n", res);
#endif
if(!res) return;
process_packet(pkt_queue);
}

////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

int pcapfd;
pcap_t *pcap_handle;
struct event  pcap_ev;

pcap_handle = create_pcap("eth0", NONBLOCKING);
pcapfd = pcap_get_selectable_fd(pcap_handle);
if(pcapfd<0){
perror("pcap_get_selectable_fd() failed!\n");
exit(1);
}

if (setnonblock(pcapfd) == -1) return -1;

base = event_init();

event_set(&pcap_ev, pcapfd, EV_READ|EV_PERSIST, on_capture, pcap_handle);
event_base_set(base, &pcap_ev);
if(event_add(&pcap_ev, NULL) == -1){
   perror("event_add() failed for pcap_ev!\n");
   exit(-1);
}
event_base_dispatch(base);
--------------------------------------------------------------------------------------

then I run the program on host A and send packets from host B, meanwhile I
use a tcpdump to capture packets on A  (tcpdump -i eth0  port 8000 )
the tcpdump can capture the packet, but in the program,  pcap_dispatch()
returns 0 when it is called for first time and the second time (so I get to
consecutive 0, "pcap_dispatch() returns 0", also collect_pkt() was not
invoked), what is wrong? (when it is called for the thrid time, it returns
1)
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers () lists tcpdump org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers