Re: forcing pcap_loop() failures

[Eloy Paris <peloy () chapus net>]

Guy,

On Wed, Oct 18, 2006 at 04:12:04PM -0700, Guy Harris wrote:

[...]

> Note that in some systems with BPF (older versions of  
> {Free,Net,Open,Dragonfly}BSD, current versions of Mac OS X), select()  
> (and poll()) don't work correctly on BPF devices, and so you have to  
> work around that.  (Note also that poll() doesn't work on *ANY*  
> character special file, including BPF devices but also including ttys/ 
> ptys, in OS X 10.4[.x], i.e. Tiger.)
>
> The workaround is to
>
>       1) put the pcap_t into non-blocking mode (use pcap_setnonblock());
>
>       2) use the timeout value you used when opening as the timeout value  
> for select();
>
>       3) call pcap_dispatch() if the timeout expires, not just if select() 
> says the pcap FD is readable.
>
> (And, as indicated, do *NOT* use poll() if you can avoid it, as, in OS  
> 10.4[.x], you can't use poll() on the descriptor you get from  
> pcap_get_selectable_fd().  Note that the GLib and thus GTK+ main loop  
> uses poll(), not select.)

How would one notice that select() is not working correctly on a BPF
device on some of the BSDs? You mention that recent versions of OS X
are affected, but I have an application that runs on OS X, that uses
select() on a BPF device, that doesn't use the workaround mentioned
above (and in pcap's man page), and I don't see any signs of broken
behavior.

So, what are the symptoms of the broken behavior?

Cheers,

Eloy.-
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.