On Thu, 2006-02-16 at 12:42 -0800, Guy Harris wrote:
Require read and write access for appending, open for reading and
writing, read the header, make sure the link-layer type and snapshot
length are the same (and fail if they're not), and then seek to the
end and start writing.
And
There's also the possibility of the SE Linux default configuration
shipped with FC4 causing trouble. Try disabling it and see if the error
persists?
Cheers,
Christian.
--
Hi Evan,
if Guy's points aren't a concern for you, you can just use libpcapnav.
It provides pcapnav_get_offset() which does what you want.
http://netdude.sourceforge.net/doco/libpcapnav/index.html
Cheers,
Christian.
--
Hi there,
I'm not sure if it's the cause of the problem but you definitely need to
copy out the values passed into packet_handler instead of assigning the
pointers. You can just assign the pcap_pkthdr; in order to copy the
packet data, obtain the caplen from the header, allocate a chunk of
memory
Hi Loris,
On Fri, 2005-06-03 at 10:10 -0700, Loris Degioanni wrote:
Guy,
Guy Harris wrote:
However, it sounds as if that only applies if the DLL is using a
different version, or different instance, of the C runtime:
Yes, but this doesn't solve the problem. You just cannot force the
On Wed, 2005-04-27 at 11:04 +, soumya r wrote:
Hello,
I am doing a sniffer program using libpcap as part of my project. How can
I display the 'packet payload' in 'HEX' and 'ASCII' forms? Please advice.
Just look how tcpdump does it (print-ascii.c), or how I did it in the
hex/ascii widget
On Wed, 2004-06-30 at 12:50, Michael Richardson wrote:
-BEGIN PGP SIGNED MESSAGE-
Christian == Christian Kreibich [EMAIL PROTECTED] writes:
Christian proposal that while I personally think an XML capture
Christian format is not the right idea, an XML based tcpdump output
On Wed, 2004-04-14 at 00:06, Jefferson Ogata wrote:
I'm suggesting the pcap storage format be XML. A raw capture, without using
protocol dissectors, would just be a sequence of base64-encoded (perhaps) frames
and metadata.
But once you're using raw base64-encoded (or whatever), you're
On Tue, 2004-04-13 at 16:09, Jefferson Ogata wrote:
Something keeps bugging me, and I just want to throw it out there for
the mad dogs to tear into little bloody pieces:
Given all the desirable options people are looking for in this, and the
need for future growth, I think we should