[ Home | Liste | F.A.Q. |
Risorse | Cerca... ]
[ Data: precedente | successivo | indice ] [ Argomento: precedente | successivo | indice ]
[ Home | Liste | F.A.Q. |
Risorse | Cerca... ]
Archivio: Giugno 2001 ml@sikurezza.org Soggetto: Re: Net::RawIP Mittente: Bonelli Nicola Data: 26 Jun 2001 19:40:09 -0000
Esempio con copia ed incolla da Net-RawIP-0.09b/examples/watch
--------------------------
..snip..
..
$timeout = 500;
..
$a = new Net::RawIP;
my $pcap = $a->pcapinit($device,$filter,$psize,$timeout);
Cosi' dovresti settare un timeout in millisecondi.
Nel caso non funzionasse significa che la versione delle libpcap che hai
installate sono buggate. Ricordo infatti un bug proprio nella
distribuzione per linux che aveva a che fare con un timeout specificato
dalla funzione pcap_open_live() e successivamente ignorato dalla
pcap_next().
Al tempo ho scritto anche un piccolo sorgente in c per verificare se
se le lib che hai installate sono buggate o meno.
Te lo allego qui di seguito:
-----------
/*
* $Id: pcaptest.c,v 1.2 2001/03/28 12:41:35 awgn Exp $
* ----[check timeout deal.
*
* The pcap_next() shipped with pcap-0.4-orig is a blocking call (Linux,
Obsd < 2.5, maybe others).
* This can be considered a bug, since pcap_open_live() specifies the
read timeout
* in milliseconds, and it's ignored by pcap_next.
* The source aimes to check whether the pcaplibrary is bugless or not.
*
* Copyright (c) 1999 Bonelli Nicola <awgn@antifork.org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
USA.
*
*/
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>
#include <pcap.h>
#include <unistd.h>
#include <signal.h>
extern char pcap_version[];
int major, minor;
void
failure (int i)
{
fprintf (stderr, "pcap-%d.%d timeout failure.\n", major, minor);
exit (-1);
}
main ()
{
pcap_t *pfd;
struct pcap_pkthdr pcaphdr;
char err_buff[PCAP_ERRBUF_SIZE], *ifname;
if ((ifname = pcap_lookupdev (err_buff)) == NULL)
{
fprintf (stderr, "err: %s\n", err_buff);
exit (-1);
}
if ((pfd = pcap_open_live (ifname, 1000, 0, 1, err_buff)) == NULL)
{
fprintf (stderr, "err: %s\n", err_buff);
exit (-1);
}
sscanf (pcap_version, "%d.%d", &major, &minor);
if ((major == 0) && (minor < 4))
{
fprintf (stderr, "pcap-%d.%d deprecated.\n", major, minor);
exit (-1);
}
signal (SIGALRM, failure);
alarm (5);
while ((char *) pcap_next (pfd, &pcaphdr) != (char *) NULL);
fprintf (stdout, "pcap-%d.%d test device[%s] ok.\n", major, minor,
ifname);
exit (0);
}
-------------
Puoi fare un update con la versoine corrente di pcaplib da
http://www.tcpdump.org/#current
Salute.
Nicola
-nb-
Conscience makes egotists of us all.
Linux & C. contributor. bonelli@oltrelinux.com
bonelli@antifork.org
nicola@whitehats.it
awgn@sicurezza.org
Get my pgp.pub key at: http://awgn.antifork.org/pgp
Key fingerprint = E1FF 4CCE 5D60 F437 364E 7A6A A13E D061 6BE8 F7B8
________________________________________________________
http://www.sikurezza.org - Italian Security Mailing List
[ Home | Liste | F.A.Q. |
Risorse | Cerca... ]
www.sikurezza.org - Italian Security Mailing List
(c) 1999-2005