lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <1371115915.65234.YahooMailNeo@web171405.mail.ir2.yahoo.com>
Date: Thu, 13 Jun 2013 10:31:55 +0100 (BST)
From: Descombes Thierry <descombt@...oo.com>
To: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: libpcap: 2 concurrent threads acquiring on the
	same interface

Hello,


I have developed a small security toolsthatuse the libpcap for metrology purpose. I'd like to add new online capture feature, to generate pcap file (from a given BPF filter), without disrupting my metrology tool (nor inducing packets lost).  
So, I'd wish to know the best way to dothe acquisition with both, a BPF filter, and none (=continuously acquiring data without filtering).

Generally, is  it possible to call a 2nd applications that also use the libpcap on the same network interface (without disruptionor packet loss)? If yes, the solution might be to simply call tcpdump (as a system commandfor example...)

And if not... should I rewrite a BPF decoder&filter and use my current pcap loop ? Is there a easier better way ?

Thank you very much in advance for your response.

Regards
Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ