Hi all.
I am maintaining a piece of software which uses the pcap library to monitor packets
being sent from a given machine and then categorizing this packets based on the
destination IP grabbed from the packet's headers. The software uses pthreads to
separate the recording of the packets (through call to pcap_open_live, pcap_loop, and
a callback funtion) in one thread from the processing of this data in another pthread
thread. The implemented use of pthreads and mutex's are giving me problems which I
would like to resolve by removing pthreads.
I am not sure however how this can be done. What i'd like to be able to do is
something like the following pseudo-code:
while (!done) {
use pcap to count packets and bytes for next 200 ms;
evaluate last 200ms worth of data and process;
}
The idea is only have one thread which does both things. This only would work however
if there is a way to ask the pcap library to 'watch packets for X MS'. How can I do
this?
I think I can do this by using fork to have a child process do the capturing and using
the callback to 'pipe' the data back to the parent process, and have the wile loop in
the parent process. However one of the platforms that I need a solution for does not
have the fork method (its an MMU-less platform).
Any help would be greatly appreciated.
Steve
[EMAIL PROTECTED]
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
