[Winpcap-users] Packet random access using file seek
Pat Marion
pat.marion at kitware.com
Mon Apr 22 16:16:14 PDT 2013
On Tue, Apr 23, 2013 at 12:10 AM, Gisle Vanem <gvanem at broadpark.no> wrote:
>
> I forgot to ask how you compile and link with the WinPcap and Packet APIs.
> And what compiler; MSVC or MingW or something else.
Hi, thanks for having a look at my problem, it's very appreciated. I am
currently using the 32 bit compiler on Visual Studio Express 2008 on
Windows 7 x64, and later I will try the 64 bit compiler on Visual Studio
2008 Pro. My project is configured using CMake and built in Release mode.
It links to wpcap.lib.
My project does not have LIBPCAP_EXPORTS, so this means it is using:
#define pcap_fopen_offline(f,b) \
pcap_hopen_offline(_get_osfhandle(_fileno(f)), b)
I took a look at the implementation of pcap_hopen_offline(). I see that it
takes the input FILE* and creates a new FILE* using a series of function
calls:
_fileno()
_get_osfhandle()
_open_osfhandle()
_fdopen()
So, if I understand correctly, it is creating a new FILE* that is relative
to its own CRT. I think that means I can no longer use any information I
query about the original input FILE*, because winpcap has created its own
FILE* stream to read from.
So that leads me to think that my plan to use ftell() to record file
positions of packets, and fseek() to jump to the begining of packets, is
not going to work on Windows. What do you think? Is there a different way
to use winpcap to seek to packets in a save file without reading each
packet in sequential order starting at the beginning?
Pat
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.winpcap.org/pipermail/winpcap-users/attachments/20130423/97a3cf5b/attachment.html>
More information about the Winpcap-users
mailing list