summaryrefslogtreecommitdiff
path: root/pcap_io.h
AgeCommit message (Collapse)AuthorFilesLines
2013-07-23pcap_io: tun: support captures from wireshark/tcpdump via tun devicesDaniel Borkmann1-0/+2
101-103 do not have official link types and seem to be non-portable. Just add them so that we can replay pcap's of such types as well. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-07-13pcap_io: Remove unused parameter sll from pcap_pkthdr_to_tpacket_hdr()Tobias Klauser1-2/+1
The sll parameter is not used anywhere in the function, so remove it. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-07-13pcap_io: Use iterator variable of correct typeTobias Klauser1-1/+1
array_size() returns size_t, thus make i size_t too to avoid a warning regarding comparison of signed/unsigned. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-07-03pcap: invoke dev->type to pcap linktype mapperDaniel Borkmann1-3/+3
Invoke dev->type to pcap linktype mapper in order to write a correct pcap file header for various link types. Also fix two bugs in pcap file header parsing and print a warning with the magic link number in case of an unknown link type. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-07-03pcap: fix build errorDaniel Borkmann1-4/+4
Various fixes for last commit. Sorry for that. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-07-03pcap: support for various linktypesDaniel Borkmann1-13/+104
Add a device_type() method to get the assigned dev->type from the kernel, and add support for automatic selection of the correct pcap file header's linktype. This needs to be integrated into the core code though. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-07-03pcap_io: add LINKTYPE_NETLINK for netlink pcapsDaniel Borkmann1-0/+3
This adds basic linktype support for netlink "nlmon" devices. Todo: we sill need to set the correct pcap type on capturing. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04xio: rename xio to ioops and reduce its includesDaniel Borkmann1-1/+1
Rename xio to ioops (io-ops) and boil its include files down to a minimum. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-31ring: netsniff-ng: migrate capture only to TPACKET_V3Daniel Borkmann1-38/+63
Lets migrate capturing to TPACKET_V3, since it will bring a better performance due to fewer page cache misses caused by a higher density of packets, since now they are contigous placed in the ring buffer. It is said that TPACKET_V3 brings the following benefits: *) ~15 - 20% reduction in CPU-usage *) ~20% increase in packet capture rate *) ~2x increase in packet density *) Port aggregation analysis *) Non static frame size to capture entire packet payload Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-10make: allow to overwrite CFLAGS, CCACHEDaniel Borkmann1-3/+3
Allow to define custom compile flags, e.g. ... make CFLAGS="-O2 -Wall" ... and also allow to overwrite ccache variable: make CCACHE= all Also do some minor fixes when built with -O2 -Wall. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-10pcap_io: minor: fix some quirksDaniel Borkmann1-3/+3
We can just replace int with uin32_t, that's no problem. Also fix one case where we moved to uint16_t. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-10pcap: let netsniff-ng also record pkt timestamp sourceDaniel Borkmann1-3/+26
With commit [1] in the kernel, we can also store the timestamp source in the pcap packet header for later analysis. We do this by splitting the netsniff-ng's u32 ifindex into u16 tsource and u16 ifindex. Older kernel do not support the timestamp source in PF_PACKET, so it will stay 0 and is compatible with older netsniff-ng binaries. [1] http://thread.gmane.org/gmane.linux.network/266878/ Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-04-09pcap_io: introduce init_once helper that is called with priviledgesDaniel Borkmann1-0/+1
When using netsniff-ng with dropping priviledges, we have to introduce another pcap helper function that is called once before we drop the priviledges. In this function we have to invoke the disc I/O scheduler policy, because it needs priviledges. Otherwise netsniff-ng will fail with "Failed to set io prio for pid" on startup, since we're not root anymore. Reported-by: Doug Burks <doug.burks@gmail.com> Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-03-15all: import netsniff-ng 0.5.8-rc0 sourceDaniel Borkmann1-0/+581
We decided to get rid of the old Git history and start a new one for several reasons: *) Allow / enforce only high-quality commits (which was not the case for many commits in the history), have a policy that is more close to the one from the Linux kernel. With high quality commits, we mean code that is logically split into commits and commit messages that are signed-off and have a proper subject and message body. We do not allow automatic Github merges anymore, since they are total bullshit. However, we will either cherry-pick your patches or pull them manually. *) The old archive was about ~27MB for no particular good reason. This basically derived from the bad decision that also some PDF files where stored there. From this moment onwards, no binary objects are allowed to be stored in this repository anymore. The old archive is not wiped away from the Internet. You will still be able to find it, e.g. on git.cryptoism.org etc. Signed-off-by: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-06-18 11:47:48 +0000