Hello,
I am currently facing problems with understanding how port numbering
occurs, with pcap_findalldevs().
kindly help me to figure out, how to determine the port numbering through
pcap...
Thank you.
Awaiting your reply
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.c
Hello,
> I am currently facing problems with understanding how port numbering
> occurs, with pcap_findalldevs().
From the man pages,
pcap_findalldevs() constructs a list of network devices that can be
opened with pcap_create() and pcap_activate() or with pcap_open_live()
> kindly help me to f
Hai,
Pcap_findalldevs() will give the interfaces information, for port number you
have to give the port number in filter.
Prasanna Kumar.N,
IMImobile Plot 770, Rd. 44 Jubilee Hills, Hyderabad - 500033
=
This email and any files transmitted with it are
On Jun 2, 2011, at 11:48 PM, rajath kumara wrote:
> I am currently facing problems with understanding how port numbering
> occurs, with pcap_findalldevs().
What do you mean by "port numbering"? To what sort of ports, and what numbers
for them, are you referring here?
-
This is the tcpdump-work
On 1/06/11 12:43 PM, Michael Richardson wrote:
"Sam" == Sam Roberts writes:
>> Yeah, I'd rather that we have a good set of pcap manipulation
>> tools. Maybe we just need better pointers to mergecap and
>> editcap?
Sam> I don't see extensions to libpcap a
On 1/06/11 08:10 AM, Mark Johnston wrote:
Hi Darren,
On Tue, May 31, 2011 at 03:53:22PM -0700, Darren Reed wrote:
Hi Mark,
I must admit that I don't see the point of this patch.
A pcap data file, with packets in it, is something that
I would create using tcpdump over a specific period
of
Hi, I am trying to compile a filter but I am getting a segmentation fault,
anyone can help me out?
Code:
"
...
handle = pcap_open_offline(".cap",errbuff);
string filtroexp;
filtroexp = "tcp port 80";
pcap_compile(handle,&filtro,filtroexp.c_str(),0,0);
...
"
Thanks,
--
Fla
On Jun 3, 2011, at 4:18 PM, Flavio Truzzi wrote:
>handle = pcap_open_offline(".cap",errbuff);
You're missing a
if (handle == NULL) {
report whatever error is in errbuff;
stop;
}
there. What happens after you add it?
-
This is the tcpdump
On Jun 3, 2011, at 3:13 PM, Darren Reed wrote:
> Because for every packet that is appended you need to do:
> 1. open(2)
> 2. read(2)
> 3. seek(2)
> 4. write(2)
> 5. close(2)
Really?
Why can't you do
open(2)
read(2)
seek(2)
write(2)
in pcap_dump_append(), and th
On Jun 1, 2011, at 12:43 PM, Michael Richardson wrote:
> So, you'd like to have pcap_reopen() then?
What would pcap_reopen() do? Mark's new API has a reasonable name given what
it does:
1) it returns a pcap_dumper_t, not a pcap_t, so it should have "dump"
in its name;
2) it
The handle ins't null, if I remove the compile statement I can sniff the
packages ...
On Fri, Jun 3, 2011 at 8:32 PM, Guy Harris wrote:
>
> On Jun 3, 2011, at 4:18 PM, Flavio Truzzi wrote:
>
> >handle = pcap_open_offline(".cap",errbuff);
>
> You're missing a
>
>if (handle == NULL
On 3/06/11 05:24 PM, Guy Harris wrote:
On Jun 3, 2011, at 3:13 PM, Darren Reed wrote:
Because for every packet that is appended you need to do:
1. open(2)
2. read(2)
3. seek(2)
4. write(2)
5. close(2)
Really?
Why can't you do
open(2)
read(2)
seek(2)
On 3/06/11 04:18 PM, Flavio Truzzi wrote:
Hi, I am trying to compile a filter but I am getting a segmentation fault,
anyone can help me out?
Code:
"
...
handle = pcap_open_offline(".cap",errbuff);
string filtroexp;
filtroexp = "tcp port 80";
pcap_compile(handle,&filtr
On Jun 3, 2011, at 4:18 PM, Flavio Truzzi wrote:
>pcap_compile(handle,&filtro,filtroexp.c_str(),0,0);
Where is filtro defined?
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
Solaris 11 will support the ioctl BIOCSETLIF.
This operates on "struct lifname".
Whilst there are other *LIF ioctls, only this one
is important for libpcap.
For most consumers, the primary difference is the
length of the name allowed. The traditional ifname
structure only allowed for 16 characte
This set of diffs is required to correct a problem when compiling
libpcap on Solaris 11 due to the assumption that the presence of
AF_PACKET implies certain header files are in certain positions.
The failure (without the patch) is demonstrated as follows:
gcc -O2 -fpic -I. -DHAVE_CONFIG_H -D_U_=
On 13/05/11 12:52 AM, Darren Reed wrote:
On 12/05/11 04:27 AM, Guy Harris wrote:
On May 10, 2011, at 1:40 PM, Darren Reed wrote:
To pursue this a little further, experimenting has
determined that the best layout thus far would be
something similar to this:
bits field
00-07 version (1)
08-15
17 matches
Mail list logo
