On Apr 7, 2013, at 3:25 PM, wen lui wrote:
> 1 I don't know how pcap handler works, my understanding is: when
> pcap_open_live() function is called and the filter is set, it will capture
> all matching packets and put them in a FIFO queue somewhere. Then, each
> time I call pcap_next(), the pack
I want to use libpcap to capture some packets in my tcp server program
some of the snippets in my program are like:
handle = pcap_open_live(dev, BUFSIZ, 0, 0, errbuf);
pcap_compile(handle, &fp, filter_exp, 0, mask) == -1
pcap_setfilter(handle, &fp);
struct pcap_pk
