Thank you sooooooooo much. I have almost arrived to that (right file, but it was getting harsh to find the exact lines)
For capture_opts->promisc_mode, I think it is just TRUE or FALSE in source code. Im experimenting with using 16 value (max_responsiveness) to soft packet loss at my application. I have also changed timeout at pcap_open to several values, but I don’t get much
Any other ideas to prevent packet loss without having to implement pipes to decouple disk writing from packet reading?
María de Fátima Requena Cabot (2488)
+34 91 787 23 00 alhambra-eidos.es
-----Mensaje original-----
De: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] En nombre de Guy Harris
Enviado el: viernes, 04 de abril de 2008 11:22
Para: Developer support list for Wireshark
Asunto: Re: [Wireshark-dev] source code
Maria de Fatima Requena wrote:
> Does anyone know where (which files) is the code for telling skinny packets apart
I.e., the code that recognizes that a given packet is a Skinny Client
Control Protocol packet?
That's dissect_skinny() in epan/dissectors/packet-skinny.c.
> and for the capture of packets in general?
The capture code is in dumpcap.c. It's compiled into a program called
dumpcap, along with some other source files; both Wireshark and TShark
run that program to do capturing. (That way, if the code that does
capturing has to run with privileges, Wireshark and TShark themselves,
with their 1.5 million lines of dissector code, don't have to run with
privileges, so if there's a vulnerability in them, the damage they can
do is limited.)
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev
