hello everybody!!
i'm writing a sniffer as a part of my graduation project.
all i want the sniffer to do is dump the packet in dump-files -each one
containing a certain number of packets (say 'x')- in their raw form.
when a file is full with 'x' packets the program should close the current file
and open the next one and write to it until it is full and so on...
i'm confused which way to do it:
1)using pcap_next() to deal with each packet individually
2)using pcap_loop() to loop 'x' times and with each callback write the
received packet to file then return to main program and close the
current file, open the next file and calling pcap_loop() again for 'x' times
and so on.......
3)using pcap_loop() with a 'cnt'value of -1 to loop indefinitely and
handle all the file opening, closing and writing in the callback function
take in consideration that i want the program to be as fast and as
efficient as possi
ble
i would be glad to hear ANY opinion on which way is best and if you
have any ideas other than the above please say it.
i'm familiar with the pcap functions...the idea is the important part
for me
thank you for your time
MSN 8 helps ELIMINATE E-MAIL VIRUSES. Get 2 months FREE*. ================================================================== This is the WinPcap users list. It is archived at http://www.mail-archive.com/[EMAIL PROTECTED]/ To unsubscribe use mailto: [EMAIL PROTECTED] ==================================================================
