where do packet Capture Drivers fit?

From: Mukund JB.
Date: Fri Nov 26 2004 - 19:34:10 EST

Next message: David Woodhouse: "Re: [RFC] Splitting kernel headers and deprecating __KERNEL__"
Previous message: Nigel Cunningham: "Re: Suspend 2 merge: 9/51: init/* changes."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello all,

I am studying & planning to implement the packet capture drivers.

According what info I gathered from the net and other sources, I
visualize it as follows:-

When interested in specific traffic i.e. to sniff on port 23 (telnet) in
search of passwords or perhaps we want to highjack a file being sent
over port 21 (FTP), whatever the case, rarely do we just want to blindly
sniff all network traffic. Then we enter pcap_compile() and
pcap_setfilter().

First, pcap's filter is more efficient, because it does it directly with
the BPF filter.

So, I imagine the calls to pcap_compile() and pcap_setfilter() functions
will invoke the packet capture driver.

Am I right? How & where do I get the Architecture of the packet capture
driver & where exactly it fits?

Sorry, if I have posted in a wrong place. In such case, do guide me with
the right maillists or site address.

Thanks for the help in advance.

Regards,
Mukund jampala

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: David Woodhouse: "Re: [RFC] Splitting kernel headers and deprecating __KERNEL__"
Previous message: Nigel Cunningham: "Re: Suspend 2 merge: 9/51: init/* changes."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]