[Winpcap-users] Advice Request
Loris Degioanni
loris.degioanni at gmail.com
Sun May 29 16:56:25 GMT 2005
Hi,
Syed Azhar Hussain wrote:
> Hi Everyone,
>
> I am new to winpcap/libpcap (portable packet capture) and libnet
> (portable packet injection). I am planning to write commercial
> application which work like Websense
> (http://ww2.websense.com/global/en/) or R-3000
> (http://www.8e6technologies.com/products/ http Filter). I need your
> suggestion about reliability of winpcap library for sniffing network
> packets, and can we relay on it for commercial application, and also
> its open source license allow us?
A lot of commercial applications are already based on WinPcap. The
WinPcap licence is the BSD one, which allows you to use and redistribute
it without any limitation.
Most of WinPcap is 3-clauses BSD but, as Guy Harris pointed out some
days ago, some of the portions coming from libpcap are still 4-clauses BSD.
> For testing my technical blueprints, I use jpcap (java wrapper over
> winpcap) and jlibnet (my own JNI wrapper over libnet). I wrote simple
> filter for 'http' packet which I want to block using packet injection.
> When I run this program (platform is java), I am failed to verify my
> blueprints. Using ethereal inspection, what I found is jpcap/winpcap
> sniff little bit late so original server sent the reply, and my RST
> packets wont work because of late spoofing.
>
> I am also trying to write same blueprint in C instead of Java.
>
> So, I need your advices for using winpcap/libpcap library for
> commercial use in above context [all I need is sniffing TCP packet
> with XYZ keywords in its payload e.g. GET www.badwebstie.com at native
> platform (either windows, linux or unix)]?
I think that the important factor here is driver responsiveness rather
than code optimization. You should try to set low mintocopy and
read-expiration time, in order to minimize the delaying effects of
buffering.
Loris
> Advice needed.
>
> Thanks and best regards,
>
> Azhar
>
> _______________________________________________
> Winpcap-users mailing list
> Winpcap-users at winpcap.org
> https://www.winpcap.org/mailman/listinfo/winpcap-users
>
More information about the Winpcap-users
mailing list