tcpdump mailing list archives
Re: reconstruct HTTP requests in custom sniffer
From: Cedric Cellier <rixed () happyleptic org>
Date: Fri, 07 Jan 2011 22:33:33 +0100
I am asked to write a custom sniffer with libpcap on Linux that has to handle a load of 50.000 packets per second. The sniffer has to detect all HTTP requests and dump the URI with additional information, such as request size and possibly response time/size.
Looks very similar to : http://github.com/securactive/junkie if you can live with the AGPL, maybe we could join forces ?
Regarding the load of 50.000 packets a second, is this expected to be a problem?
Junkie handle this rate of packets (quite more actually) on one of our test probe running on a 8 core PC, with plenty of CPU left. So I bet this is not a problem. - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- Re: reconstruct HTTP requests in custom sniffer Cedric Cellier (Jan 07)
- Re: reconstruct HTTP requests in custom sniffer Andrej van der Zee (Jan 07)
- Re: reconstruct HTTP requests in custom sniffer rixed (Jan 08)
- Re: reconstruct HTTP requests in custom sniffer Andrej van der Zee (Jan 08)
- Re: reconstruct HTTP requests in custom sniffer Cedric Cellier (Jan 10)
- Re: reconstruct HTTP requests in custom sniffer Andrej van der Zee (Jan 10)
- Re: reconstruct HTTP requests in custom sniffer rixed (Jan 08)
- Re: reconstruct HTTP requests in custom sniffer Andrej van der Zee (Jan 07)