On Nov 30, 2011, at 2:40 AM, Fernando Gont wrote:
> Could you suggest a good reference for BPF syntax? -- So far I've only
> used pcap_compile() and hence didn't really get into BPF.
Well, for reference purposes, there's the original BPF paper:
http://www.tcpdump.org/papers/bpf-usenix93
On 11/28/2011 02:49 PM, Guy Harris wrote:
>> 1. Captures and sends some packets 2. Does something else 3.
>> Captures and sends some packets
>>
>> I'd like to use the same libpcap descriptor (pcap_t *) for both
>> Step 1 and step 2 above, but I don't want want libpcap to continue
>> capturing pack
On Nov 17, 2011, at 2:22 AM, Fernando Gont wrote:
> Basically, I have a program that does this:
>
> 1. Captures and sends some packets
> 2. Does something else
> 3. Captures and sends some packets
>
> I'd like to use the same libpcap descriptor (pcap_t *) for both Step 1
> and step 2 above, but
Folks,
Is there a recommended way to momentarily stop packet capture on a
libpcap descriptor?
Basically, I have a program that does this:
1. Captures and sends some packets
2. Does something else
3. Captures and sends some packets
I'd like to use the same libpcap descriptor (pcap_t *) for both
