Hi,
I have an open capture_file that hasn't been processed yet. I want to move to the end of the file at a negative position: -100 is 100 from the end. But I don't have the number or packets in the capture_file.
I tried to use get_stats_for_preview, that worked pretty well, but it turned out it leaves the packet pointer to the end, then any subsequent reads don't return anything.
My options:
- rewind the capture_file (but how?)
- use cfile_read (to count), cfile_close, cfile_open (overkill?)
- use a better technique to extract how many packet the capture_file has (I'm all ears)
Any advice?
Dario.
--
