I'm trying to compile a C program that uses libpcap in statistical mode on OSX. The original code was written for Windows, using the winpcap library. The version of libpcap on my Mac has never heard of the pcap_setmode function that it uses - I've got a nasty feeling that it might be Windows-specific.
Is there any way to capture in stats-mode on OSX? If not, is there something abo开发者_运维问答ut the architecture/capabilities of the OS that prevents this, or is this an extra feature added to WinPcap which has never been a feature of the main library?
pcap_setmode() only has a definition in the Win32 port, because the WinPcap driver for Windows is the only packet capture mechanism that supports statistical mode; BPF in Mac OS X and *BSD and AIX and Solaris 11 don't support it, PF_PACKET sockets in Linux don't support it, DLPI in Solaris and HP-UX don't support it, etc..
UN*Xes generally come with a mechanism that supports capturing packets, so libpcap can just use that, without adding its own kernel-mode code; this means it can't control what facilities those capture mechanisms have - if a capture mechanism doesn't have it, libpcap can't add it. Windows doesn't come with such a mechanism; it does come with NDIS, which can support such a mechanism, so WinPcap comes with a kernel-mode driver that uses NDIS to implement such a mechanism, and thus has some more control over what features it offers.
pcap_setmode() only has a definition in the Win32 port (for unknown reasons to me).
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论