adding new devices to libpcap

[Sean Irvine <sairvin () xtra co nz>]

We have pieces of hardware capable of monitoring various
kinds of network links.  This hardware is not configured
as a network device (i.e. it is not ifconfig friendly),
but we do have Linux drivers to talk to the hardware.

We plan to modify libpcap so it can talk directly with
this hardware. We are open to suggestions as to the best
approach to do so.

So far our options appear to be:

(a) Modify pcap-linux.c to include support for our
    device. This would mean it would be possible to
    simultaneously use our device and eth0. However,
    there will be a performance penalty deciding
    which device is to be read from each packet.

(b) Write a new pcap-xxx.c to support only our
    device. This has the advantage of smaller
    changes to the existing libpcap code base, but
    will limit functionality. Further, programs
    (i.e. tcpdump, Snort, etc.) will then have to
    be linked against the appropriate library.

Does anyone have any comment or preference?

Regards,
Sean A. Irvine


-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe