Hi Michael,
Gulp is great, and we have used it successfully, but occasionally we see
some corruption in the generated pcap dumps - packet length / save length
are reported incorrectly or are a completely nonsense value, etc... Gulp
also doesn't handle 32bit/64bit architectures especially elegantly - it
produces pcap files with a natively-sized time structure (either 8 bytes or
16 bytes), rendering the pcap files created by gulp on a 64 bit machine
incompatible with the wireshark and tcpdump binaries commonly installed on
those same machines. We have been able to get around these problems without
too much trouble, but I was curious if there were other options.
If you are able to release your stuff, I would enjoy giving it a try.
Regards,
Andrew
We have been able to get around this
On 2/10/10 10:47 AM, "Michael Stiller" <[email protected]> wrote:
> I wrote one actually for internal purposes and it's not released.
>
> I don't know gulp, will have a look. What's wrong with gulp that you
> are looking for another app?
>
> Cheers,
>
> Michael
>
>
>
> 2010/2/10 Andrew Siemion <[email protected]>:
>> Hi all,
>>
>> For sometime our research group has occasionally used 'gulp' (
>> http://staff.washington.edu/corey/gulp/ ) to perform high speed packet
>> capture to disk. Is anyone aware of other basic pf_ring aware applications
>> for fast-capture to disk?
>>
>> Thanks!
>>
>> Andrew
>>
>>
>> _______________________________________________
>> Ntop-misc mailing list
>> [email protected]
>> http://listgateway.unipi.it/mailman/listinfo/ntop-misc
>>
> _______________________________________________
> Ntop-misc mailing list
> [email protected]
> http://listgateway.unipi.it/mailman/listinfo/ntop-misc
_______________________________________________
Ntop-misc mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop-misc
