tcpdump mailing list archives
Re: libpcap picks up sent packets on freebsd (plus link state query)
From: mate csaba <matecs () niif hu>
Date: Thu, 7 Jan 2016 12:50:21 +0100
hi, On 01/07/2016 11:51 AM, Guy Harris wrote:
thanks for the hint, this solved my issue: now it works fine on both linux and kfreebsd.On Jan 7, 2016, at 2:20 AM, mate csaba <matecs () niif hu> wrote:i'm developing a router (rtros.nop.hu) which uses libpcap to capture and send packets to interfaces. the interface handler can be found here: http://sources.nop.hu/src/zzz/nat-pcapInt.c it's an interface<---->udp socket converter tool: when a packet captured, it'll be sent to the udp, when a packet received from the udp, it'll be sent to the interface. it works fine on linux for years. now i've noticed that on debian/sid/kfreebsd, when i send a packet to the interface, it's get captured. could you give me hints how to avoid it in a platform independent manner?If you limit yourself to platforms on which libpcap has the pcap_setdirection() function, try calling pcap_setdirection(ifacePcap, PCAP_D_IN); before the printf("serving others\n"); call.
surely it worked fine without setdir, i'm testing regularly since linux 2.6 times on debian/sid/{i386|amd64}...(I'm a bit surprised that you're not seeing outgoing packets on Linux, though.)
yess. a libpcap api which is a wrapper for SIOCGIFFLAGS & (IFF_RUNNING | IFF_UP) or similar.... it would be very elegant if i don't call ioctl at all from this pcap code.... i've other codes for linux which uses raw sockets or zerocopy, they need to call ioctls, but pcap code really should not...and a bonus feature request (?): could you please provide an api for interface up/down states?An API to query the interface state?
this one would be also nice if i would like to achieve interface down detection within some millisecs for fast routing protocol convergence... (my side is ready for it so if you've plans here, i would be really happy to test out the results...)Or a mechanism to get notified of interface state changes?
so you mean that there's a function somewhere, like setdirection? could you point me to the right direction once again, please? :)The first could probably be done fairly straightforwardly (but you obviously will only be able to use it if you have a newer version of libpcap).
sounds interesting... if you implement interface down callback, i would appreciate it.... and if a platform can't do it, i still can query periodically the interface state with poll mechanism you mentioned above...The latter would involve more work, and might not be possible if the OS doesn't have a mechanism to deliver those events. (Linux and OS X can, I think - Wireshark uses mechanism on those OSes to be notified when interfaces appear and disappear - but it'd take a bit of work to find out what mechanisms, if any, exist on various *BSDs, Solaris, Windows, etc..)
regards, cs _______________________________________________ tcpdump-workers mailing list tcpdump-workers () lists tcpdump org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Current thread:
- libpcap picks up sent packets on freebsd (plus link state query) mate csaba (Jan 07)
- Re: libpcap picks up sent packets on freebsd (plus link state query) Guy Harris (Jan 07)
- Re: libpcap picks up sent packets on freebsd (plus link state query) mate csaba (Jan 07)
- Re: libpcap picks up sent packets on freebsd (plus link state query) mate csaba (Jan 18)
- Re: libpcap picks up sent packets on freebsd (plus link state query) mate csaba (Jan 07)
- Re: libpcap picks up sent packets on freebsd (plus link state query) Guy Harris (Jan 07)