Date: Fri, 31 Jul 1998 10:54:07 +0200 (SAT)
From: Graham Wheeler <gram@cdsec.com>
To: sef@kithrup.com (Sean Eric Fagan)
Cc: chat@FreeBSD.ORG
Subject: Re: Dr Dobb's Journal, September 1998
Message-ID: <199807310854.KAA02340@cdsec.com>
In-Reply-To: <199807301615.JAA01618@kithrup.com> from "Sean Eric Fagan" at Jul 30, 98 09:15:25 am

> In article <199807300834.KAA00279.kithrup.freebsd.chat@cdsec.com> you write:
> >How about an article on BPF and/or libpcap? I could easily write something
> >like that...
>
> What would you say?
>
> DDJ, unfortunately, doesn't really want kernel hacking articles. But they can
> be persuaded if you can also make it about something else -- the truss
> article, for example, was in their "performance and debugging" issue, because
> truss can be used for that. And the second one was in their "networking"
> issue.
>
> bpf and libpcap are ported to linux as well. So if you could come up with an
> application for it (for example... I use a modified version of tcpdump to keep
> track of my network bandwidth; it's not great, and could definitely be done
> better), DDJ or Linux Journal may be interested...

I have written a program that uses libpcap to log TCP connections when they
close, with client, server, duration, bytes sent, bytes received, and, in
the case of FTP, files transferred, or HTTP, URLs requested, or NNTP,
newsgroups browsed. I have also written an ident spoofer using the BPF
device, and a simple extension to the BPF code that allows BPF programs to
use labels and be `linked' before downloading to the BPF device. So there is
definitely scope here I think.

Ideally I would cover the program that logs the TCP connections, although
I'll probably step on some toes, as my partners want to turn this into a
commercial product. But I could probably strip it down a bit, and maybe
just suggest the application-specific stuff as possible extensions.

--
Dr Graham Wheeler                          E-mail: gram@cdsec.com
Citadel Data Security                      Phone:  +27(21)23-6065/6/7
Internet/Intranet Network Specialists      Mobile: +27(83)253-9864
Firewalls/Virtual Private Networks         Fax:    +27(21)24-3656
Data Security Products                     WWW:    http://www.cdsec.com/