我正在使用pcap库捕获IEEE802.11数据包。到目前为止,我使用了pcap_loop和一个回调函数来接收然后处理数据包。但是现在我已经定期切换设备正在监听的wifi频道。不幸的是,pcap_loop阻塞,所以我不能使用超时调用我的函数。 然后我读了关于pcap_dispatch的内容,但我真的不知道它应该如何异步,因为做了像
这样的事情while(1) {
int cnt = pcap_dispatch(handle, -1, callback, null);
}
无法解决问题。
所以任何人都可以向我解释如何使pcap捕获数据包异步/基于事件或者换句话说如何解决我的困境?
答案 0 :(得分:0)
引用pcap_get_selectable_fd()手册页(这是主干中的版本):
DESCRIPTION
pcap_get_selectable_fd() returns, on UNIX, a file descriptor number for
a file descriptor on which one can do a select() or poll() to wait for
it to be possible to read packets without blocking, if such a descrip‐
tor exists, or −1, if no such descriptor exists. Some network devices
opened with pcap_create() and pcap_activate(), or with
pcap_open_live(), do not support select() or poll() (for example, regu‐
lar network devices on FreeBSD 4.3 and 4.4, and Endace DAG devices), so
−1 is returned for those devices.
Note that in:
FreeBSD prior to FreeBSD 4.6;
NetBSD prior to NetBSD 3.0;
OpenBSD prior to OpenBSD 2.4;
Mac OS X prior to Mac OS X 10.7;
select() and poll() do not work correctly on BPF devices;
pcap_get_selectable_fd() will return a file descriptor on most of those
versions (the exceptions being FreeBSD 4.3 and 4.4), but a simple
select() or poll() will not indicate that the descriptor is readable
until a full buffer’s worth of packets is received, even if the read
timeout expires before then. To work around this, an application that
uses select() or poll() to wait for packets to arrive must put the
pcap_t in non‐blocking mode, and must arrange that the select() or
poll() have a timeout less than or equal to the read timeout, and must
try to read packets after that timeout expires, regardless of whether
select() or poll() indicated that the file descriptor for the pcap_t is
ready to be read or not. (That workaround will not work in FreeBSD 4.3
and later; however, in FreeBSD 4.6 and later, select() and poll() work
correctly on BPF devices, so the workaround isn’t necessary, although
it does no harm.)
Note also that poll() doesn’t work on character special files, includ‐
ing BPF devices, in Mac OS X 10.4 and 10.5, so, while select() can be
used on the descriptor returned by pcap_get_selectable_fd(), poll()
cannot be used on it those versions of Mac OS X. Kqueues also don’t
work on that descriptor. poll(), but not kqueues, work on that
descriptor in Mac OS X releases prior to 10.4; poll() and kqueues work
on that descriptor in Mac OS X 10.6 and later.
pcap_get_selectable_fd() is not available on Windows.
此外,由于10.6的BPF中的错误(作为另一个错误的修复的一部分引入),解决方法将无法在Mac OS X 10.6上运行;解决方法适用于10.7及更高版本,但不是必需的。
因此,如果您有基于select() / poll() / epoll() / kqueue / etc.等事件循环,则可以使其基于事件 - 添加您从{{获得的描述符1}}作为在该事件循环中选择的文件描述符之一。