On Jul 9, 2011, at 6:52 PM, Sanjay Sundaresan wrote:
> Is the approximation because of the fact that NIC card generarates interrupt
> only after some number of packets arrive ?
Yes, that's one of the reasons. There's also the delay between the arrival of
the packet and the delivery of the inte
Is the approximation because of the fact that NIC card generarates interrupt
only after some number of packets arrive ?. Does device polling affect time
stamp ? At what stage of capture time stamping is done ?
On Sat, Jul 9, 2011 at 6:59 PM, Alokat wrote:
> On 07/09/11 21:56, Guy Harris wrote:
On Jul 9, 2011, at 7:50 PM, Alokat wrote:
> Just for sure:
>
> *Ethernet packet*
>
> means a layer 2 (OSI / ISO model) packet right?
Yes.
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
On 07/10/11 00:25, Guy Harris wrote:
> On Jul 9, 2011, at 7:01 PM, Alokat wrote:
>
>> I'm wondering whats the difference between the pcap_packet and the payload?
> What do you mean by "the payload"?
>
>> I have seen that you can extract the payload like this:
>>
>> payload = (u_char *)(packet + SIZ
On Jul 9, 2011, at 7:01 PM, Alokat wrote:
> I'm wondering whats the difference between the pcap_packet and the payload?
What do you mean by "the payload"?
> I have seen that you can extract the payload like this:
>
> payload = (u_char *)(packet + SIZE_ETHERNET + size_ip + size_tcp);
That's th
Hi,
I'm wondering whats the difference between the pcap_packet and the payload?
I have seen that you can extract the payload like this:
payload = (u_char *)(packet + SIZE_ETHERNET + size_ip + size_tcp);
Contains the packet_data some more information?
Regards,
alokat
-
This is the tcpdump-wor
On 07/09/11 21:56, Guy Harris wrote:
> On Jul 9, 2011, at 4:41 PM, Alokat wrote:
>
>> I'm wondering what is in the pcap_data (pcap file format) and what is not?
>> Especially the timestamp ... is it just in the packet_header or in the
>> packet_data too?
> A pcap file starts with a header. Followi
On Jul 9, 2011, at 4:41 PM, Alokat wrote:
> I'm wondering what is in the pcap_data (pcap file format) and what is not?
> Especially the timestamp ... is it just in the packet_header or in the
> packet_data too?
A pcap file starts with a header. Following the header are zero or more packet
reco
Hi,
I'm wondering what is in the pcap_data (pcap file format) and what is not?
Especially the timestamp ... is it just in the packet_header or in the
packet_data too?
Regards,
alokat
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
Hello,
I've created a patch that actually manages to build into an rpm on my
opensuse system. Wireshark HEAD also detects rpcap support when buiding with
cmake. Now all I have to do is wait for the equipment to come back to
do a real test...
The patch can be downloaded from:
http://www-agrw.inform
10 matches
Mail list logo
