Paul please see inline On Sep 10, 2012, at 7:09 PM, Paul Wortman <[email protected]> wrote:
> Hi, > > My name is Paul and I've been having trouble learning to make use of > PF_Ring. In essence I am trying to make use of PF_Ring in order to quickly > pull packets from the network & save these packets into a pcap file, through > I am confused as to how to implement this. >From my understanding the way > this would be achieved would be through the use of these dummy_plugins. Now > while my knowledge of PF_Ring is limited, what I am trying to do is to make > use of the DNA (hardware) PF_Ring (for the speed of packet capture) in order > to then write these packets to a pcap file (most probably by passing these > packets to tcpdump). So my questions are; 1) If I install the supplied > libpcap-1.1.1-ring library, do you know if tcpdump will use that library > (thus making use of DNA to do the capturing)? & Yes > 2) Is it even possible to use DNA with tcpdump? Yes, you can use the tcpdump within the PF_RING distribution > I have noticed that within the User Manual provided that it seems that DAN is > mainly used for the filtering/re-direction of incoming packets to other > machines (on a network), but am wondering if instead it would be possible to > simply re-direct these packets to tcpdump. If there is any example code that > might exist, or anywhere that you could point me to in order to figure > out/find a solution to these problems, please do let me know!! Thank you for > any & all help!! If tcpdump is not enough for you and you need a multi-Gbit packet-to-disk solution, come back to us. Alfredo > > - Paul Wortman > _______________________________________________ > Ntop-misc mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop-misc
_______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
