On Mon, Oct 12, 2015 at 2:06 PM, liu wen <[email protected]> wrote:
> > I also register an TCP listening event on event_base( two events: > on_accept and on_recv.) > > then I run the program on host A and send packets from host B, meanwhile I > use a tcpdump to capture packets on A (tcpdump -i eth0 port 8000 ) > > For comparison, I have two laptops which acts as A, I tried the program > (compile and then run) on these two laptops, one with Fedora (fedora > release 18) and one with Ubuntu (Ubuntu 14.04.2 LTS) > > on ubuntu events are invoked in the following order > > on capture > pcap_dispatch() returns 0 > on capture > pcap_dispatch() returns 0 > on accept > on recv > > it is strange that the pcap_dispatch returns 0 twice. My expectation is > that the when on_capture event is triggered, pcap_dispatch will catch TCP > SYN packets before on_accept event is triggered. But I don't know why the > on_capture events are invoked twice and pcap_dispatch() returns 0. > > on Fedora, the program works as expected, the pcap_dispatch() can capture > packets the first time it is invoked before on_accept event. > > I use ldd to check the libraries of this program on each laptop. > > Fedora: > $ldd relay > linux-vdso.so.1 => (0x00007fff1d1ad000) > libevent-1.4.so.2 => /lib/libevent-1.4.so.2 (0x00007faca467d000) > libpcap.so.1 => /lib64/libpcap.so.1 (0x00000035b4a00000) > libc.so.6 => /lib64/libc.so.6 (0x00000035b0a00000) > libnsl.so.1 => /lib64/libnsl.so.1 (0x00000035cea00000) > librt.so.1 => /lib64/librt.so.1 (0x00000035b1a00000) > libresolv.so.2 => /lib64/libresolv.so.2 (0x00000035b2e00000) > /lib64/ld-linux-x86-64.so.2 (0x00000035b0200000) > libpthread.so.0 => /lib64/libpthread.so.0 (0x00000035b1600000) > > > ubuntu: > > $ ldd relay > linux-vdso.so.1 => (0x00007ffd08bc5000) > libevent-2.0.so.5 => /usr/lib/x86_64-linux-gnu/libevent-2.0.so.5 > (0x00007eff35f81000) > libpcap.so.0.8 => /usr/lib/x86_64-linux-gnu/libpcap.so.0.8 > (0x00007eff35d43000) > libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007eff3597e000) > libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 > (0x00007eff35760000) > /lib64/ld-linux-x86-64.so.2 (0x00007eff361c5000) > > > indeed, both libpcap and libevent versions are different. > what are potential problems for my program when it runs on ubuntu? how can > fix the unexpected problems on ubuntu? > thank you! > There shouldn't be a difference, technically that is. 1.x differs greatly though in functionality, but is backwards compat with 1.x. A few years ago I did a 2.x conversion for some very old code: https://github.com/ellzey/trafan/blob/master/trafan.c with pcap. and *many* many years ago I did this which never moved out to 2.x, completely 1.0. But it still works with old/new pcap and libevent as seen here: https://strcpy.net/mark/dns_stuff/dns-sla/dnsm.c https://strcpy.net/mark/dns_stuff/dns_spoof_watch/dns_spoof_watch.c But mind you, pcap_dispatch with -1 means you may be processing a ton of packets, all of which call your pcap callback.
