tcpdump mailing list archives

Previous By Date Next
Previous By Thread Next

Re: parent-child process, selectable file descriptor and pcap

From: Guy Harris <guy () alum mit edu>
Date: Thu, 18 Apr 2013 00:41:19 -0700

On Apr 17, 2013, at 7:10 PM, wen lui <esolvepolito () gmail com> wrote:


I have a program, part of the source codes are:

       handle = pcap_open_live(dev, BUFSIZ, 0, 0, errbuf);
       pcap_compile(handle, &fp, filter_exp, 0, mask) == -1
       pcap_setfilter(handle, &fp);
       struct pcap_pkthdr pcap_header;      // The header that pcap gives
us
       const u_char *pcap_packet;           // The actual packet

       while(1){

         n=fork();
         if(n==0) { // child process


                ...


                               pcap_packet = pcap_next(pcap_handler, &pcap_header);



then I notice that the pcap_header.len is 0
what is the reason for this?


Probably because using the same pcap_t in either a parent and a child, or in two children of the same parent, isn't 
guaranteed to work.


I think the problem may be:




1)   there are parent-child process relationship


Yes.


can anyone give some suggestions on this? thanks!


Open separate pcap_t's in each process.

_______________________________________________
tcpdump-workers mailing list
tcpdump-workers () lists tcpdump org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Previous By Date Next
Previous By Thread Next

Current thread: