I did not notice those replies to the bug.. Nice... I'll take a look... I wasn't neither aware of pcap_get_selectable_fd() and that may be because http://gd.tuwien.ac.at/infosys/security/tcpdump.org/pcap3_man.html does not show it... (Guy?)
Windows does not implement it as does not even have selectable fds or at least the one select() in winsock does not work on FDs so for WinPcap another approach should be taken (Gianluca?) I did not notice the load-peak while playing with it but I believe I should have felt it in my very slow PPC mac... do pcap_dispatch works differently in linux and bsds? (Guy?) Thanks Luis On Thu, Apr 10, 2008 at 10:13 PM, Jason <[EMAIL PROTECTED]> wrote: > Luis EG Ontanon wrote: > > > As far as triggers go a while ago I checked in trigcap.c. > > > > Nice. > > > > > It's an experiment I wrote that works with capture filters as > > start/stop triggers, I have not added it to the build process because > > I do not know if it works on anything other than my mac. > > it should not be difficult to mimic its mechanics in dumpcap. > > > > It builds and runs on linux just fine. > > > > > it pcap_open_live()s a listener and a capturer (if a filter is given ) > > it then enters a loop pcap_dispatch()ing a listener_handler and a > > capturer_handler > > > > This monopolized the processor. See the patches I wrote against trigcap.c > attached to bug 2039 [1]. > > The main goal of the patches were to run a specified program or script (eg > tshark with a read filter) at the start event and another program (eg > killall tshark) at the stop event. > > The patches are just PoC, but seem to work for me. Let me know what you > think... > > thx, > > Jason. > > [1] - http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2039 > > -- This information is top security. When you have read it, destroy yourself. -- Marshall McLuhan -- This information is top security. When you have read it, destroy yourself. -- Marshall McLuhan _______________________________________________ Wireshark-dev mailing list [email protected] http://www.wireshark.org/mailman/listinfo/wireshark-dev
