On Thu, Apr 10, 2008 at 11:03 PM, Guy Harris <guy@xxxxxxxxxxxx> wrote:
> Luis EG Ontanon wrote:
[snip]
> > I did not notice the load-peak while playing with it but I believe I
> > should have felt it in my very slow PPC mac... do pcap_dispatch works
> > differently in linux and bsds? (Guy?)
>
> The main difference is that Linux, unless you're using the memory-mapped
> capture mechanism (supported by the under-development libpcap 1.0), you
> get one packet per recvfrom() call, while in OS X and *BSD, BPF will
> buffer up packets until the buffer fills up or the timeout expires, so
> you can get multiple packets per read().
>
Which makes me wonder:
Can we get the autoconf script to understand if we can get multiple or
single packets per read given the fact that we cannot dare
pcap_open_live() in them?
Or
Is it better to use select() in all unix platforms?
Luis
--
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan
