Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 8BIT
Subject: where do packet Capture Drivers fit? 
Date: Thu, 25 Nov 2004 19:06:34 +0530
Message-ID: <4EE0CBA31942E547B99B3D4BFAB348111ED723@mail.esn.co.in>
Thread-Topic: where do packet Capture Drivers fit? 
Thread-Index: AcTS1WYLUyqKxK/ETwOfXB1H6o3l+wAGk5ww
From: "Mukund JB." <mukundjb@esntechnologies.co.in>
To: <linux-kernel@vger.kernel.org>
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1188
Lines: 37


Hello all,

I am studying & planning to implement the packet capture drivers.

According what info I gathered from the net and other sources, I
visualize it as follows:-

When interested in specific traffic i.e. to sniff on port 23 (telnet) in
search of passwords or perhaps we want to highjack a file being sent
over port 21 (FTP), whatever the case, rarely do we just want to blindly
sniff all network traffic. Then we enter pcap_compile() and
pcap_setfilter().

First, pcap's filter is more efficient, because it does it directly with
the BPF filter.

So, I imagine the calls to pcap_compile() and pcap_setfilter() functions
will invoke the packet capture driver.

Am I right? How & where do I get the Architecture of the packet capture
driver & where exactly it fits?

Sorry, if I have posted in a wrong place. In such case, do guide me with
the right maillists or site address.

Thanks for the help in advance.

Regards,
Mukund jampala


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/