Re: Filebacked-tvbuffs : GSoC'13

[Ambarisha B <b.ambarisha () gmail com>]

On Wed, May 1, 2013 at 9:46 PM, Anders Broman <a.broman () bredband net> wrote:

> It may be problematic to obtain the fragments from the original file in
> case it is gziped or if the fragments are
> parts of decrypted packets so writing to a new file might be the best
> option.

Agreed. Jeff suggested that we've decently fast random access to gzipped
files. So, the way I see it, we've two ways of dealing with encrypted
files(and bzip'ed files):

   1. Just keep all the info in temporary files and clean up the files when
   free'ing the tvb's. In this case, can we use the wiretap to deal with the
   temporary files as well?
   2. Incase of encrypted files, we can have a "large cache" so in the
   worst case we are back to where we are now with them.

If encrypted packets are not so common, 2 would be ok. But I think 1 is the
right way to do it. What do you guys think? Or are there more ways of
dealing with this?

Cheers, Ambarish

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe