|
Full Disclosure
mailing list archives
libpcap: 2 concurrent threads acquiring on the same interface
From: Descombes Thierry <descombt () yahoo com>
Date: Thu, 13 Jun 2013 10:31:55 +0100 (BST)
Hello,
I have developed a small security toolsthatuse the libpcap for metrology purpose. I'd like to add new online capture
feature, to generate pcap file (from a given BPF filter), without disrupting my metrology tool (nor inducing packets
lost).
So, I'd wish to know the best way to dothe acquisition with both, a BPF filter, and none (=continuously acquiring data
without filtering).
Generally, is it possible to call a 2nd applications that also use the libpcap on the same network interface (without
disruptionor packet loss)? If yes, the solution might be to simply call tcpdump (as a system commandfor example...)
And if not... should I rewrite a BPF decoder&filter and use my current pcap loop ? Is there a easier better way ?
Thank you very much in advance for your response.
Regards _______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- libpcap: 2 concurrent threads acquiring on the same interface Descombes Thierry (Jun 13)
|
