tcpdump mailing list archives

capture and inject device capabilities in libpcap


From: Denis Ovsienko <denis () ovsienko info>
Date: Mon, 18 Nov 2024 19:54:43 +0000

Hello all.

The current approach in libpcap is such that an application at some
point tries to activate a device, and if the device does not support
capturing packets, pcap_activate() fails with the
PCAP_ERROR_CAPTURE_NOTSUP error code.  One drawback of this is that the
application has no means to tell a capture-capable device without
trying to activate it, another is that telling an inject-capable device
takes trying to use the device after pcap_activate() succeeds.  It would
be useful to have a shorter feedback loop for these capabilities.

The recent work on pcap_inject() support in pcap-dag.c made it easier
to see that a usable libpcap device can be capture-only or inject-only
or both or possibly even neither.  As far as it seems to me, in this
case introducing additional PCAP_IF_ flags would be a better fit than
introducing additional functions into the API.

One complication here is that in some cases libpcap may not be aware of
a device capability until it gets an error from the OS (as is the case
with PCAP_ERROR_CAPTURE_NOTSUP in pcap-linux.c), so pcap_findalldevs()
would not be able to set "this device can capture" and "this device can
inject" flags reliably.  So it seems to make more sense to declare what
would certainly *not* work, such as:

PCAP_IF_NO_CAPTURE -- capture is guaranteed not to work
PCAP_IF_NO_INJECT -- inject is guaranteed not to work

For example, pcap-haiku.c, pcap-bt-linux.c and pcap-bt-monitor-linux.c
would set PCAP_IF_NO_INJECT on all devices, modules that support the
"any" pseudo-interface would set PCAP_IF_NO_INJECT on it and pcap-dag.c
would set either PCAP_IF_NO_CAPTURE or PCAP_IF_NO_INJECT.

Then an application would have a means to filter the device list based
on its use case and to avoid/handle guaranteed failures as early as
possible.  It would still have to handle errors as before because, for
example, not seeing PCAP_IF_NO_CAPTURE does not guarantee that capture
will work on one hand, and on the other is the expected behaviour with
older libpcap versions.

Does it make sense?

-- 
    Denis Ovsienko
_______________________________________________
tcpdump-workers mailing list -- tcpdump-workers () lists tcpdump org
To unsubscribe send an email to tcpdump-workers-leave () lists tcpdump org
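
An added example, not part of the original message or of libpcap: how an application could filter a device list with the proposed negative-capability flags while still treating "no flag" as "unknown". The flag bit values, the `struct dev` stand-in for `pcap_if_t`, the helper names and the device list are all assumptions made for illustration.

```c
#include <stdio.h>
#include <stddef.h>

/* Hypothetical bit values: the message proposes these flags but assigns
 * no values, so these are placeholders for illustration only. */
#define PCAP_IF_NO_CAPTURE 0x40000000u
#define PCAP_IF_NO_INJECT  0x80000000u

/* Stand-in for the name/flags/next fields of libpcap's pcap_if_t, so the
 * example builds without libpcap. */
struct dev { struct dev *next; const char *name; unsigned int flags; };

enum use_case { WANT_CAPTURE, WANT_INJECT };

/* 0 = the flags guarantee failure, skip the device early.
 * 1 = no veto; still not a promise, so activation errors must be handled
 *     (an older libpcap would never set either flag). */
int worth_trying(const struct dev *d, enum use_case uc)
{
    unsigned int veto = uc == WANT_CAPTURE ? PCAP_IF_NO_CAPTURE : PCAP_IF_NO_INJECT;
    return (d->flags & veto) == 0;
}

/* Stores up to max candidate names in out (may be NULL); returns the total. */
size_t candidates(const struct dev *list, enum use_case uc, const char **out, size_t max)
{
    size_t n = 0;
    for (const struct dev *d = list; d != NULL; d = d->next) {
        if (!worth_trying(d, uc)) continue;
        if (out != NULL && n < max) out[n] = d->name;
        n++;
    }
    return n;
}

/* Constructed device list mirroring the cases named in the message. */
struct dev *sample_list(void)
{
    static struct dev d[4] = {
        { &d[1], "eth0",   0 },                   /* nothing known: try it */
        { &d[2], "any",    PCAP_IF_NO_INJECT },   /* pseudo-interface */
        { &d[3], "dag0:0", PCAP_IF_NO_INJECT },   /* capture-only device */
        { NULL,  "dag0:1", PCAP_IF_NO_CAPTURE },  /* inject-only device */
    };
    return d;
}

int main(void)
{
    const char *names[8];
    size_t n = candidates(sample_list(), WANT_INJECT, names, 8);
    for (size_t i = 0; i < n && i < 8; i++) printf("inject candidate: %s\n", names[i]);
    return 0;
}
```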

