Thank you very much for the earnest detailed reply:-)~
But there are still some questions in my mind.
=== 2005-06-30 10:10:21 Guy Harris wrote:===
>
>On Jun 29, 2005, at 5:50 PM, 广星 wrote:
>
>> What I most concern about is how to print the payload in the
>> correct format?
>> For example,
On Jun 29, 2005, at 5:50 PM, 广星 wrote:
What I most concern about is how to print the payload in the
correct format?
For example, there is a HTTP packet, how can I print the HTTP
payload according to
its real content, such as"HTTP/1.1 206 Partial".
Well, the first thing you have to determi
>
>I've attached "sniffex.c", which is intended to be libpcap example code.
>It's based on Tim Carstens "sniffer.c" source.
>
>I hope "sniffex" will serve as a decent working example of libpcap code
>and provide basic documentation via comments for beginners. I also hope
>this can serve as a tem
On Jun 29, 2005, at 3:07 PM, Robert Lowe wrote:
Seems like that kind of functionality might be a good candidate for
inclusion in libpcap itself, no?? There are already functions to
dump to a savefile; why not printable output as well??
How much printable output do you want? Should libpcap i
On Jun 29, 2005, at 2:50 PM, Borja López wrote:
After a search in this list database i've found a case
where someone had nearly the same problem
(http://www.mail-archive.com/tcpdump-workers@lists.tcpdump.org/
msg00339.html).
The cause of the problem is that ether_type is read by
processor in
Guy Harris wrote:
On Jun 29, 2005, at 1:20 PM, Guy Harris wrote:
Use "isprint()" rather than "isascii()" in "print_payload()".
...and, while you're at it, print the payload in hex, as well as ASCII,
to emphasize that there's *no* guarantee that TCP data is text. A
format such as
Hello everybody,
I reply myself my last email.
After a search in this list database i've found a case
where someone had nearly the same problem
(http://www.mail-archive.com/tcpdump-workers@lists.tcpdump.org/msg00339.html).
The cause of the problem is that ether_type is read by
processor in opposi
On Jun 29, 2005, at 1:20 PM, Guy Harris wrote:
Use "isprint()" rather than "isascii()" in "print_payload()".
...and, while you're at it, print the payload in hex, as well as
ASCII, to emphasize that there's *no* guarantee that TCP data is
text. A format such as
00 00 48 65
This isn't sniffing named pipe communication, it's using a named pipe as a
capture interface.
The end result is to allow ethereal (or other libpcap users) to read from a
local win32 named pipe created by our application. Basically, it's adding
to win32 something that the Unix people have take
On Jun 29, 2005, at 12:11 PM, Nathan Jennings wrote:
There's one issue I've run into: after displaying certain packets
(see function print_payload), my xterm/bash shell loses the ability
to display newlines (i.e scroll lines). I suppose this is due to
the display of a certain sequence of c
Nathan Jennings wrote:
> There's one issue I've run into: after displaying certain packets (see
> function print_payload), my xterm/bash shell loses the ability to
> display newlines (i.e scroll lines). I suppose this is due to the
> display of a certain sequence of characters to my xterm/shell. An
Hello,
I've attached "sniffex.c", which is intended to be libpcap example code.
It's based on Tim Carstens "sniffer.c" source.
I hope "sniffex" will serve as a decent working example of libpcap code
and provide basic documentation via comments for beginners. I also hope
this can serve as a t
Can you please give additional explanation to your message?
At present winpcap sniffs named pipes communication from MSSQL server
client on another computer to a MSSQL server. However, it does not
catch local named pipes communications.
What your development adds to these options?
Thanks
-
CVS log entries from 28.06.2005 (Tue) 09:07:04 - 29.06.2005 (Wed) 09:07:04 GMT
=
Summary by authors
=
Author: guy
File: libpcap/fad-gifc.c; Revisions: 1.11, 1.8.2.2
File: libpcap/
Guy Harris wrote:
This means that, unless I've missed something, the *only* ways to ensure
you have the entire list are either to loop, increasing the size of the
buffer, until the difference between the buffer size and the number of
bytes of interface information returned is less than the max
15 matches
Mail list logo
