[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] libpcap: 2 concurrent threads acquiring on the same interface

To: "full-disclosure@xxxxxxxxxxxxxxxxx" <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] libpcap: 2 concurrent threads acquiring on the same interface
From: Descombes Thierry <descombt@xxxxxxxxx>
Date: Thu, 13 Jun 2013 10:31:55 +0100 (BST)

Hello,


I have developed a small security toolsthatuse the libpcap for metrology 
purpose. I'd like to add new online capture feature, to generate pcap file 
(from a given BPF filter), without disrupting my metrology tool (nor inducing 
packets lost).  
So, I'd wish to know the best way to dothe acquisition with both, a BPF filter, 
and none (=continuously acquiring data without filtering).

Generally, is  it possible to call a 2nd applications that also use the libpcap 
on the same network interface (without disruptionor packet loss)? If yes, the 
solution might be to simply call tcpdump (as a system commandfor example...)

And if not... should I rewrite a BPF decoder&filter and use my current pcap 
loop ? Is there a easier better way ?

Thank you very much in advance for your response.

Regards

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] Yet another (unpaid and unfixed) Paypal XSS
Next by Date: [Full-disclosure] [SECURITY] [DSA 2707-1] dbus security update
Previous by thread: [Full-disclosure] Yet another (unpaid and unfixed) Paypal XSS
Next by thread: [Full-disclosure] [SECURITY] [DSA 2707-1] dbus security update
Index(es):
- Date
- Thread