Stephen Donnelly wrote:
On Wed, 2008-01-09 at 17:12 +0100, Fabian Schneider wrote:
Hi Andy,
The two metrics I looking at now are:
- What throughput can I get before seeing dropped packets
- CPU usage
maybe you want to take a look at [1] where I have done exactly this for a
special sys
Guy Harris wrote:
Andy Howell wrote:
How about having a generic list of options? Something like:
typedef enum {
END_OF_OPTS,
PARAM_1,
PARAM_2,
} pcap_opts;
typedef union {
void *p;
unsigned int u;
} pcap_opt_value;
That assumes that an option will either be an
Abeni Paolo wrote:
hello,
I assume that the my initial suggestion is going to be dismissed,
right ?!?
on Thu 1/10/2008 10:47 AM Guy Harris wrote:
There'd also be an API to ask which parameters a particular adapter
supports (and possibly which values it supports for those
parameters, e.g. if
Fabian,
As I don't know such a list, I just tell what i know. By the way, which
link layer technology are we talking about?
I'm primarily interested in 1-Gig Ethernet right now, though I'll need
to look at 10-Gig at some point.
For 1-GigEthernet my experience shows that the intel cards ar
Hello,
I'm looking for benchmark information for NICs that work well for data
capture with libpcap. My primary focus is Linux / Solaris.
If such a list does not exist, I'd be happy to collate whatever
information available.
Regards,
Andy
-
This is the tcpdump-workers list.
Vis
Abeni Paolo wrote:
hello,
In the current cvs, at least the bpf, the win32 and the linux (memory
mapped) platforms use an internal buffer to perform the capture. The
buffer size is currently user-configurable only for the win32
platform, and it would be nice to be able to do the same also on
othe
Something that I've done (although our version of duplicate suppression,
written by a co-worker, just does header compares) is to use
high-entropy bytes in the packet structure to quickly eliminate the
possibility of duplicates, e.g. IP/TCP/UDP checksums, and if your
network card/OS provide i
Bruce Keats wrote:
I am thinking about adding a SHA1 signature to each of the packets captured
by TCPDUMP. I was poking around libpcap and I have some different ideas on
how to do. One way would be to create a new TCPDUMP magic number and then
change the packet header to include the SHA1. Anot
Guy Harris wrote:
With BPF and Digital UNIX's packetfilter, changing the filter flushes
the buffer. With Linux, changing the filter doesn't flush the buffer
- so current versions of libpcap purge the buffer themselves, so that,
after you change a filter, you don't get any packets that wou
Guy Harris wrote:
The same problem exists in some other pcap-XXX.c files. I fixed it by
getting rid of the fcode variable, and just passing the fcode.bf_insns
member of the structure.
Guy,
Thanks. Sorry I didn't look at the others.
Regards,
Andy
-
This is the tcp
I'm using pcap_dispatch to call my callback. Inside the callback, I may
set a new filter. This results in a core dump in bpf_filter.c, line 239.
Its calling abort because of a bad filter code. This will only happen
with a live capture.
The bug is actually in pcap-dlpi.c. It keeps a pointer to
11 matches
Mail list logo
