On Mon, 19 Oct 1998, charlie buckheit wrote:
> Hummm...I actually started to write a version using libpcap and pcapture (a
> program from the same place as libpcap) that would display the packets
> realtime. Snoop on the SGI does it this way, as can tcpdump. The only bad
> part (or good part depending on where you stand) with snoop is that it
> doesn't show the data part of the packets. Neither does tcpdump, though
> older versions supposedly did. For some applications I really need to see
> the data.
It shouldn't be too difficult (famous last words) to add real-time
packet displays to ethereal. One of the major snags is that libpcap's
pcap_open_live() currently ignores the timeout argument under Linux. As a
result, the program freezes until the next packet comes in. I'm trying to
figure out a graceful way to handle this.
---------------------------------------------------------------------------
***** ***** Gerald Combs gerald@xxxxxxxxxx
*** *** Packet interrogator http://www.unicom.net
* * Unicom Communications, Inc. (913)327-5309
***** 7223 W. 95th St., Ste 325 (913)327-5376 Fax
*** Overland Park, KS 66212 (913)327-5375 Client Support
*
---------------------------------------------------------------------------
