[Winpcap-users] pcap_next and timeval

Mon Mar 16 14:49:32 PDT 2009

Hi,

I'm writing a C extension to python that makes use of winpcap. The
existing extensions do not do everything I need.

I'm sending raw ethernet packets to several wireless devices. I am
trying to determine the time it takes for the devices to respond the to
the packets I'm sending out. I send to one device at a time and wait for
it to reply. The device with the wired connection will respond with the
fastest time.

The network looks like this:

pc---switch---d1***d2***d3***d4***d5
        |
        |
        |
     company
     netowrk

I'm using gettimeofday() in my C extension before I call pcap_send().
When I capture the response with pcap_next(), the timeval is sometimes
less than the value given by the call to gettimeofday(). I'm using
gettimeofday() because I'm using mingw32 to compile the extension.

I found this post:
http://www.winpcap.org/pipermail/winpcap-users/2006-September/001394.html

I also looked in packetNtx\driver\time_calls.h. So, to get the time the
same way winpcap does, I'd have to call KeQueryPerformanceCounter() and
KeQuerySystemTime(). However, I won't be able to do that from a user
application.

Is there another way of getting the time that would be more accurate
than gettimeofday()?

Thanks,
Tom

PS: Here's my extension function.

static PyObject *Packet32_time(Packet32Object *self, PyObject *args)
{
	pcap_t *pcap;
	u_char *buf;
	int length;
	PyObject *pyBuf;
	struct pcap_pkthdr header;
	const u_char *pkt_data;
	const u_char *ret;
	PyObject *t;
	struct timeval tv1;
	struct timeval tv2;
	struct timeval tvres;
	int timeout;

	if (!PyArg_ParseTuple(args, "Oi:time", &pyBuf, &timeout))
		return NULL;

	t = PyTuple_New(3);

	pcap = (pcap_t *)PyInt_AS_LONG(self->pcap);
	PyString_AsStringAndSize(pyBuf, (char **)&buf, &length);

	if (gettimeofday(&tv1, NULL) == -1) {
		PyTuple_SET_ITEM(t, 0, Py_BuildValue("i", 2));
		PyTuple_SET_ITEM(t, 1, Py_BuildValue("i", 0));
		PyTuple_SET_ITEM(t, 2, Py_BuildValue("i", 0));
		return t;
	}

	if (pcap_sendpacket(pcap, buf, length) != 0) {
		PyTuple_SET_ITEM(t, 0, Py_BuildValue("i", 3));
		PyTuple_SET_ITEM(t, 1, Py_BuildValue("i", 0));
		PyTuple_SET_ITEM(t, 2, Py_BuildValue("i", 0));
		return t;
	}

	do {
		ret = pcap_next(pcap, &header);
		if (gettimeofday(&tv2, NULL) == -1) {
			PyTuple_SET_ITEM(t, 0, Py_BuildValue("i", 2));
			PyTuple_SET_ITEM(t, 1, Py_BuildValue("i", 0));
			PyTuple_SET_ITEM(t, 2, Py_BuildValue("i", 0));
			return t;
		}
		timersub(&tv2, &tv1, &tvres);
	} while ((ret == NULL) && (tvres.tv_usec < timeout));

	if (ret != NULL) {
		timersub(&header.ts, &tv1, &tvres);
		PyTuple_SET_ITEM(t, 0, Py_BuildValue("i", 1));
		PyTuple_SET_ITEM(t, 1, Py_BuildValue("i",
			tvres.tv_usec));
		PyTuple_SET_ITEM(t, 2, Py_BuildValue("i",
			tvres.tv_sec));
	} else {
		PyTuple_SET_ITEM(t, 0, Py_BuildValue("i", 0));
		PyTuple_SET_ITEM(t, 1, Py_BuildValue("i", 0));
		PyTuple_SET_ITEM(t, 2, Py_BuildValue("i", 0));
	}
	return t;
}