> I am asked to write a custom sniffer with libpcap on Linux that has to
> handle a load of 50.000 packets per second. The sniffer has to detect all
> HTTP requests and dump the URI with additional information, such as
> request size and possibly response time/size.
Looks very similar to :
http:
-[ Sun, Jan 09, 2011 at 02:19:53PM +0900, Andrej van der Zee ]
> Is there anything to say about a rough time-schedule?
Support for TCP segmentation as well as new parsers that use this
feature should be pushed before end of week. Concerning the capture of
POST messages we should probably start
Maybe you use a custom kernel lacking the option to enable mmap sharing
of packets from kernel to userland ?
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
Quick guess : maybe you build a custom kernel without the option to enable mmap
sharing of packets with userland ?
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
> I got it to work.
(...)
> > default: /* We got traffic */
> > pcap_dispatch(pcap0,-1, (void *) packet_callback, NULL);
> > pcap_dispatch(pcap1,-1, (void *) packet_callback2, NULL);
So that other may benefit from it in the future, I
guess your fixed version looks like:
default:
if (t
