On Thu, 6 Sep 2001, Naor Shlomo wrote:
> I am trying to simulate the 3 way handshake in order to test error cases and
> for that I need to use the libpcap function to capture the syn/synack/ack
>
> Well, I am using red-hat 7.1 and I tried using the libpcap-0.6.2-7.i386.rpm,
> and the libpcap-0.4-39.i386.rpm but failed in doing so.
>
> pcap_dispatch is blocked forever and never returns.
>
> I opened the device using: pcap_open_live(eth0,100,0,0,errbuf)
> The captured string is: "dst port XXXXX"
> I call the pcap_dispatch: packetsNum =
> pcap_dispatch(pd,1,&pcapHandlePacket,NULL)
>
> and it never returns.
>
> Any idea why?
hi,
from the manpage:
NOTE: when reading a live capture, pcap_dispatch() will
not necessarily return when the read times out; on some
platforms, the read timeout isn't supported, and, on other
platforms, the timer doesn't start until at least one
packet arrives. This means that the read timeout should
NOT be used in, for example, an interactive application,
since you open in non-promisc mode it might happen that
theres no packet to capture and pcap_dispatch() never returns.
Its blocked in a slow systemcall.
You may use select() plus pcap_next() in this case.
regards,
Sebastian
---
"Please stop the earth. Let me off."
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
