Re: Pcap debug at runtime

[Francois-Xavier Le Bail <devel.fx.lebail () orange fr>]

On 28/02/2023 17:01, Francois-Xavier Le Bail wrote:
> On 20/02/2023 21:18, Guy Harris wrote:
> > On Feb 20, 2023, at 12:15 PM, Paschal Chukwuebuk Amusuo <pamusuo () purdue edu> wrote:
> >
> > > Please, is there a way to print out debug statements at runtime when using pcap?
> >
> > Debug statements in your program?  Add printf() or fprintf(stderr, ...) or... calls to your program.
> >
> > Debug statements in libpcap?  Get the libpcap source, add printf() or fprintf(stderr, ...) or... calls to it, build 
> > it, install it, and compile your program with it.
>
> In addition to printf()/fprintf(), here is a brand new way to help debugging a program using libpcap, currently only 
> tested on Debian Linux (stable).
>
> (Similar method to the one available with tcpdump and tcpslice.)
>
> The goal is to generate instrumentation calls for entry and exit to functions.
> Just after function entry and just before function exit, the profiling functions are called and print the function 
> names with indentation and call level.
> If entering in a function, print also the calling function name with file name and line number. There may be a small 
> shift in the line number.
>
> To use it:
> (There will be a doc entry based on this topic later.)
>
> 1) sudo apt install binutils-dev
>
> 2) git clone (or pull) the libpcap project, main branch.
> configure and build with:
> $ ./autogen.sh
> $ ./configure --quiet --enable-instrument-functions
> $ make -s clean all
>
> 3) To test the method, create a project directory in the same parent directory than libpcap.
> |-- libpcap
> |-- my_project
>
> cd in the project directory.
> Copy an existing program to test.
> $ cp -vai ../libpcap/testprogs/findalldevstest.c my_project.c
>
> Build with the following Makefile:
> [...]

[My previous message seems to be lost, send again].

After an update based on a Denis's idea, the configuration use now an environment variable instead of configurations 
files.
    
If the environment variable INSTRUMENT is
- unset or set to an empty string, print nothing, like with no instrumentation
- set to "all" or "a", print all the functions names
- set to "global" or "g", print only the global functions names
    
Note that before the change, the default was to print all functions. Now it is to print nothing.
    
This allows to run with tcpdump, tcpslice or any program linked to libpcap:
$ INSTRUMENT=a ./my_program ...
$ INSTRUMENT=g ./my_program ...
$ INSTRUMENT= ./my_program ...
or
$ export INSTRUMENT=global
$ ./my_program ...

This also allows to run the statically compiled binary on another host after copying it.

It is no longer necessary to modify the configuration with:
$ make instrument_all
$ make instrument_global
$ make instrument_off
(Targets removed.)

_______________________________________________
tcpdump-workers mailing list -- tcpdump-workers () lists tcpdump org
To unsubscribe send an email to tcpdump-workers-leave () lists tcpdump org
%(web_page_url)slistinfo%(cgiext)s/%(_internal_name)s