tcpdump mailing list archives

Previous By Date Next
Previous By Thread Next

pcap_breakloop help

From: "Joe Shaw" <JShaw () evitechnology com>
Date: Wed, 06 Dec 2006 16:04:23 -0500
Hello,
 
I am new to pcap programming.  I'm having issues with pcap_loop not
exiting when I give the pcap_breakloop command.  I read where it should
be executed by a signal handler that doesn't restart system calls.  I
believe I am doing this, but pcad_loop still waits for one last packet
before exiting.  Thanks in advance for any help.  -Joe
 
static sem_t pcap_sem;
static char filter_exp[100];
static unsigned char capture_packets;
pcap_t* handle;
 

static void sig15(int sig) {
 capture_packets = 0;
 pcap_breakloop(handle);
}
 
void pcap_cb (u_char *user, const struct pcap_pkthdr *pkt_header, const
u_char *pkt_data) {
 if (pkt_data) syslog(LOG_INFO, "Got packet: %d bytes captured:",
pkt_header->caplen);
}
 
void * pcap_main(int *a) {
 
 char *dev, errbuf[PCAP_ERRBUF_SIZE];
 bpf_u_int32 mask, net;
 struct bpf_program fp;
 
 if (signal(15, sig15) == SIG_ERR) {
  perror("SIGNAL");
  syslog(LOG_INFO, "Error installing sig15 handler %m");
  exit(-1);
 }
 siginterrupt(15, 1);
 
 capture_packets = 0;
 
 if (sem_init(&pcap_sem, 0, 1) <0)
  syslog(LOG_INFO,"pcap_main: Failure to initialize semaphore\n");
 sem_wait(&pcap_sem);
 
 dev = pcap_lookupdev(errbuf);
 
 handle = pcap_open_live(dev, BUFSIZ, 1, 1000, errbuf);
 
 while (1) {
  sem_wait(&pcap_sem);
 
  if (pcap_compile(handle, &fp, filter_exp, 0, net) == -1) {
   syslog(LOG_INFO,"Couldn't parse filter %s: %s", filter_exp,
pcap_geterr(handle));
   capture_packets = 0;
  } else if (pcap_setfilter(handle, &fp) == -1) {
   syslog(LOG_INFO,"Couldn't install filter %s: %s", filter_exp,
pcap_geterr(handle));
   capture_packets = 0;
  }
 
  while (capture_packets > 0) {
   syslog(LOG_INFO, "Waiting to capture packet");
   pcap_loop(handle, -1, pcap_cb, NULL);
   syslog(LOG_INFO, "Done capturing packets");
  }
 
  pcap_freecode(&fp);
 }
}
 
void start_capture(unsigned long ccAddr, char* filter) {
 strcpy(filter_exp, filter);
 capture_packets = 0x0F;  //anything greater than 0
 sem_post(&pcap_sem);
}
 
void stop_capture(){
 raise(15);
}
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
Previous By Date Next
Previous By Thread Next

Current thread: