-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
> > The idea behind the snaplen [miss-]use is to permit legacy application > to take advantage of the memory mapped access and permit new ones to > control the ring behaviur. Such goal could be obtained even with other > solution, but I was a bit 'scared' to add a 'Linux only' API to pcap.h. IMHO that's not an issue. Furthermore we have a student working on an MMAP-pcap for FreeBSD as his master thesis. So it won't be a Linux only API for long ;-) > Undoubtedly my implementation is not the most clean one; I can rework > the patch adding a function to control the ring size [something like > 'pcap_set_ring_size(handle, ring_size)'] and using some default values > for the memory mapped ring during pcap_open_live, if there is some > consensus in this direction. Using a function to set the ring buffer size sounds like the best choice to me, as long as these parameters can still be changed after the open or after packets have been read. If you can't change these parameters during the capture I would introduce a new pcap_open_live_mmap() function and make the "old" pcap_open_live() call pcap_open_live_mmap() just my 2ct Gregor -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHVu2HdGiwgbikMYMRAuKRAKCFf34TkiSMu0u1k6PuTiNeUk5YSwCePy+2 uewmmfimn5aGktK9AuJ+5hM= =NU53 -----END PGP SIGNATURE----- - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
