don't know the netmask. (It also lets you test, at compile time,
whether you can rely on "ip broadcast" failing to compile when you pass
0xffffffff to pcap_compile().)
(255.255.255.255) be an indication that the netmask is unknown, and
return an error. Document that as the way to tell pcap_compile() that
the netmask is unknown. Have filtertest default to that as the netmask,
and add a -m flag to let you specify the netmask.
Don't define DLT_IPOIB with the same value as one of the DLT_USERn
definitions - it's not used, and we don't want to make anybody think
that value belongs to any particular link-layer type.
build 125 and later to use the native BPF with both IPNET and traditional
MAC (ethernet, etc) packet sniffing, the attached patches are required.
The attached patches represent what's in our internal build tree for libpcap.
pcap-linux.c memory-mapped mode.
Always doing a poll() if there are no packets available allows us to
catch disappearing interfaces in memory-mapped mode, so remove the
caveats about Linux.
even if we're in non-blocking mode, to pick up any error indications -
in that case, use a timeout of 0, so poll() doesn't block.
Don't test individual exceptional-condition bits in the poll() return
unless one of them is set, so we just do one test in the typical (no
exceptional condition) case.
went down" on at least some OSes, return a message indicating that.
When reading from a Linux PF_PACKET socket, if we get ENETDOWN, which
means "The device went down", return a message indicating that.
When doing a poll() on a PF_PACKET socket, check for various "something
happened on this, but it's not readable" conditions.
anything it's opened, etc..
In addition, the op pointers need to be restored to the un-activated
state; do that in pcap_activate() if the call to the activate op fails.
Also, in the common cleanup code, set the fd's to -1.
libpcap archive. A dependency has been introduced whereby the dagapi.o
object depends on functions in the dagutil.o as og DAG software release
3.4.1. This change is backwards compatible with older versions of the
DAG libraries.
http://developer.apple.com/mac/library/documentation/MacOSX/Conceptual/BPSystemStartup/Articles/StartupItems.html
"Table 1 StartupParameters.plist key-value pairs
Key Type Value
Description String A short description of the startup item,
used by administrative tools.
Provides Array The names of the services provided by this
startup item. Although a startup item can
potentially provide multiple services, it is
recommended that you limit your startup items
to only one service each."
Fix "Provides" to be the name of the service, not a description of the
helpful operations that it provides.
pcap_fopen_offline(), so that we initialize various function pointers
(not just the oneshot callback, but also functions such as the "can set
rfmon mode" function).
message, supply the error message corresponding to the activate
routine's return status, for the benefit of programs that don't handle
different error returns differently.
If PCAP_WARNING_PROMISC_NOTSUP, PCAP_ERROR_NO_SUCH_DEVICE, or
PCAP_ERROR_PERM_DENIED is returned, pcap_geterr() or
pcap_perror() may be called with p as an argument to fetch or
display an message giving additional details about the problem
that might be useful for debugging the problem if it's
unexpected.
but we weren't always setting the error string in question. Do so.
In pcap_open_live(), if the open fails with PCAP_ERROR, include the
device name in the error string, and if it fails with
PCAP_ERROR_NO_SUCH_DEVICE or PCAP_ERROR_PERM_DENIED, include the device
name and both error messages in the error string.
packets were seen, but do put the "."s on a separate line - which should
all come out in a burst, so don't fflush() after each one, let the
newline at the end do that.
Report POLLNVAL for poll().
When not using select() or poll(), loop forever doing pcap_dispatch(),
rather than just using pcap_loop(), so you see what happens for each
delivered batch of packets.