Re: [tcpdump-workers] How does packet capture interact with

2009-09-23 Thread Aaron Turner
On Wed, Sep 23, 2009 at 2:39 PM, Robert Burgess wrote:
>> Or you could consider not using pcap at all. I don't know what your
>> application is but it's possible you could accomplish it just by
>> receiving and sending on raw IP sockets. That's also quite portable.
>
> Thanks for this suggestion!

Re: [tcpdump-workers] How does packet capture interact with firewalls?

2009-09-23 Thread Robert Burgess
> Or you could consider not using pcap at all. I don't know what your
> application is but it's possible you could accomplish it just by
> receiving and sending on raw IP sockets. That's also quite portable.

Thanks for this suggestion! I read a bunch of documentation claiming it was actually high

Re: [tcpdump-workers] How does packet capture interact with firewalls?

2009-09-23 Thread Phil Vandry
On Wed, 23 Sep 2009 16:38:06 -0400, Robert Burgess wrote:
> I guess I'm not sure. What I want is a chain of these things so that
> each one waits for the previous to pass on the packet, and I don't want
> to tie myself down to the topology. On a switched ether, for instance,

OK. That definitely

Re: [tcpdump-workers] How does packet capture interact with

2009-09-23 Thread Robert Burgess
> interface, so if it receives a packet off the network, its only choices
> would be to deliver it locally, or have some way of reinjecting back
> onto the ethernet.

I guess I should mention, I'm expecting the administrator of the firewall or whatever to ensure that these things are actually in a

Re: [tcpdump-workers] How does packet capture interact with firewalls?

2009-09-23 Thread Robert Burgess
> It sounds like you are capturing and injecting on the same interface
> (otherwise you wouldn't get that infinite loop). Is that really what
> you need to do?

I guess I'm not sure. What I want is a chain of these things so that each one waits for the previous to pass on the packet, and I don't w

Re: [tcpdump-workers] How does packet capture interact with firewalls?

2009-09-23 Thread Phil Vandry
On Wed, 23 Sep 2009 14:01:53 -0400, Robert Burgess wrote:
> iptables firewall) and they still appear in my pcap program (the first
> half), but when I try to reinject, depending on what setup I try, either
> the injected packets get dropped too, or they get injected correctly but
> also recaptured,

[tcpdump-workers] How does packet capture interact with firewalls?

2009-09-23 Thread Robert Burgess
I am writing a program that captures packets, does some processing on each one, and does not permit it to be delivered on until the processing for that packet is done. I can accomplish this easily without pcap using the Linux kernel 2.6 support for netfilter queues, so if you have any experience w