From: Alex Behar (alex-b_at_nonexisting.hamakor.org.il)
Date: Sat 24 Jul 2004 - 03:52:16 IDT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Friday 23 July 2004 00:52, you wrote:
> Hi all.
>
> I need to build some packet analyzing application.
> It will be executed on linux gateway.
> I need to read stream of data after tcp reassembly.
>
> Is their any way kernel can provide me with
> reassembled data, or I need to use some library like
> libnids to reassemble tcp packets ??
If you are dealing with session sniffing or/and reconstruction, you could try
the kernel's very own socket infrastructure from socket.h (PF_PACKET,
packet(7)).
But again, libpcap [1] might be a good way to do that too.
Good luck.
Best regards,
Alex
- --
The difference between theory and practice, is that in theory,
there is no difference between theory and practice.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFBAbLGfDQ3s2iW3q0RAqZRAKCSvc0LYkGIZsP29tOPgqdoS1KIMACg/Rp1
E1z6CKVuY8DRZc5rr5p2J3c=
=sdNn
-----END PGP SIGNATURE-----
================================To unsubscribe, send mail to linux-il-request_at_linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request_at_linux.org.il
This archive was generated by hypermail 2.1.7 : Sat 24 Jul 2004 - 04:01:43 IDT