tcpdump mailing list archives

Re: Feature request: add packet send function


From: Guy Harris <guy () alum mit edu>
Date: Fri, 7 Nov 2003 14:30:22 -0800


On Nov 7, 2003, at 2:10 PM, Ryan Mooney wrote:

> I know that on bpf platforms it's as simple as changing the
> bpf open call to be read/write instead of read only.

...and using "write()".

However, doing so means that you can't allow some users to capture but not send, and allow others to capture and send, by using permissions (and/or ACLs, if your OS supports them). Opening read/write and falling back to read-only if that fails with EACCES fixes that, although, as you can't declare your intent when opening, it means that if your application requires read/write access, it won't discover that it doesn't have it until it tries to send a packet, so it can't tell the user early in the process that they won't be able to send packets.

My inclination might be to have a new API for opening devices for live capture (which would let certain other improvements be made as well, e.g. specifying the capture buffer size, which can't be done in BPF after the BPF device has been bound to a network interface, or specifying the link-layer type to see, which, on Linux, would probably mean

1) letting you choose DLT_LINUX_SLL, but that's done at socket-creation time, although I guess closing the existing socket and creating a new one would probably succeed so that *might* be good enough;

2) letting you choose one of the "raw 802.11" header types, but I think that's done with *some* drivers by binding to a different device (according to

        http://www.kismetwireless.net/documentation.shtml

you use "wifiX" rather than "ethX" for the "cisco_cvs" Aironet driver, although other Aironet drivers do it by tweaking some "/proc" file; I'm not sure whether the kismetwireless page is saying that Prism2 devices on Linux are called "wlanX" rather than "ethX", or that both are available, along the lines of the Aironet drivers) - it might be that doing so would also probably succeed. (I'm sure there's a Really Compelling Reason(TM) why it's "wifiX" for Aironet and "wlanX" for most other cards, other than just "it's Linuxtown, Jake".)

More importantly, once libpcap supports the remote capture mechanisms, it'll need to supply credentials - see "pcap_open()" in

        http://winpcap.polito.it/docs/man/html/index.html

-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
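
The read/write-then-fall-back-on-EACCES open discussed in the message above, sketched as an added example (not libpcap code and not from the thread) in which the caller declares at open time whether it needs to send, so a capture-only permission is reported before any packet is written. The names `open_capture`, `need_send`, `dev_access`, `sys_open` and `fake_ro_device` are hypothetical, and `fake_ro_device` is a constructed stand-in for a BPF node the user may read but not write.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

enum dev_access { DEV_NONE = 0, DEV_READ_ONLY, DEV_READ_WRITE };

/* Same shape as open(2) without a mode; injectable so the fallback path
 * can be exercised without a real BPF device. */
typedef int (*opener_fn)(const char *path, int flags);

static int sys_open(const char *path, int flags) { return open(path, flags); }

/* Constructed stand-in: a device node this user may read but not write. */
static int fake_ro_device(const char *path, int flags)
{
    (void)path;
    if ((flags & O_ACCMODE) != O_RDONLY) { errno = EACCES; return -1; }
    return open("/dev/null", O_RDONLY);
}

/* Try read/write first; fall back to read-only only when the failure is
 * EACCES. A caller that needs to send gets the EACCES at open time instead
 * of discovering it on its first write(). */
int open_capture(opener_fn op, const char *path, int need_send,
                 enum dev_access *access)
{
    int fd = op(path, O_RDWR);
    *access = DEV_NONE;
    if (fd >= 0) { *access = DEV_READ_WRITE; return fd; }
    if (errno != EACCES) return -1;   /* ENOENT, EBUSY, ...: no fallback */
    if (need_send) return -1;         /* errno is still EACCES */
    fd = op(path, O_RDONLY);
    if (fd >= 0) *access = DEV_READ_ONLY;
    return fd;
}

int main(void)
{
    enum dev_access a;
    int fd = open_capture(fake_ro_device, "/dev/bpf0", 0, &a);
    printf("capture-only caller: %s\n", a == DEV_READ_ONLY ? "read-only" : "other");
    if (fd >= 0) close(fd);
    fd = open_capture(fake_ro_device, "/dev/bpf0", 1, &a);
    printf("sending caller: %s\n", fd < 0 ? "refused at open time" : "opened");
    if (fd >= 0) close(fd);
    return 0;
}
```

With real device nodes, pass `sys_open` as the opener; which users get `DEV_READ_WRITE` is then decided by the permissions or ACLs on the node.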

