02-05-2012
If you're asking whether it's better to save network dumps in ASCII format or a binary format, which is "better" -- as always -- depends entirely on what you want to do with it.
You can't grep a binary file, but text files take more space, and might not be able to be loaded back into wireshark or what have you.
10 More Discussions You Might Find Interesting
1. Programming
I don't know if this is the correct forum to post this but hopefully someone can atleast point me in the right direction if they can't help me.
I am trying to install the Net::Pcap module for perl from Tim Potter version .04. I have installed gcc 2.95.3 on my Solaris 8 box. I am sure it's just... (6 Replies)
Discussion started by: TioTony
6 Replies
2. Programming
I cant use pcap.h include file. How can I do so? :confused: (8 Replies)
Discussion started by: Pervez Sajjad
8 Replies
3. Programming
Hello everybody!!
I am currently doing my intership and I need some tips for Pcap.h.
I search some tips tp filter my paquets in a C program with the Pcap.h librairy. The onlys thing I have found is thaht I can filter low level protocol with their name like (tcp/udp..). But for the higher... (3 Replies)
Discussion started by: danathane
3 Replies
4. Programming
Can someone please help me figure out how to use pcap.h to sniff packets between only 2 computers whose mac addresses are know?
Thanks (0 Replies)
Discussion started by: papabearcares
0 Replies
5. Shell Programming and Scripting
Can someone please help me figure out how to use pcap.h to sniff packets between only 2 computers whose mac addresses are know?
Thanks (0 Replies)
Discussion started by: papabearcares
0 Replies
6. UNIX for Dummies Questions & Answers
Hi,
I am new at UNIX and programing in general and only have a basic knowledge of C++. I am helping out with some research at a college and was given the task to sort through captured packets via IP addresses. I was wondering if anyone could help me with writing a code which filters through pcap... (1 Reply)
Discussion started by: hershey101
1 Replies
7. Programming
Hi,
I am new at UNIX and programing in general and only have a basic knowledge of C++. I am helping out with some research at a college and was given the task to sort through captured packets via IP addresses. I was wondering if anyone could help me with writing a code which filters through pcap... (4 Replies)
Discussion started by: hershey101
4 Replies
8. Shell Programming and Scripting
Hi gurus,
I have a file in unix with ascii values. I need to convert all the ascii values in the file to ascii characters. File contains nearly 20000 records with ascii values. (10 Replies)
Discussion started by: sandeeppvk
10 Replies
9. Programming
Hi I have a program that captures packets with the libpcap library by calling the pcap-functions, e.g. pcap_next(...).
I would like to use PF_RING for the program and therefore I would have to adjust the calling functions to
pfring_open(...)
pfring_recv(...)
I'm pretty knew in network... (0 Replies)
Discussion started by: Freaky123
0 Replies
10. Shell Programming and Scripting
Hi All,
I have an ascii file in which few columns are having hex values which i need to convert into ascii. Kindly suggest me what command can be used in unix shell scripting?
Thanks in Advance (2 Replies)
Discussion started by: HemaV
2 Replies
LEARN ABOUT SUNOS
tnfctl_kernel_open
tnfctl_kernel_open(3TNF) TNF Library Functions tnfctl_kernel_open(3TNF)
NAME
tnfctl_kernel_open - create handle for kernel probe control
SYNOPSIS
cc [ flag ... ] file ... -ltnfctl [ library ... ]
#include <tnf/tnfctl.h>
tnfctl_errcode_t tnfctl_kernel_open(tnfctl_handle_t **ret_val);
DESCRIPTION
tnfctl_kernel_open() starts a kernel tracing session and returns in ret_val an opaque handle that can be used to control tracing and probes
in the kernel. Only one kernel tracing session is possible at a time on a given machine. An error code of TNFCTL_ERR_BUSY is returned if
there is another process using kernel tracing.
Use the command
fuser -f /dev/tnfctl
to print the process id of the process currently using kernel tracing. Only a superuser may use tnfctl_kernel_open(). An error code of
TNFCTL_ERR_ACCES is returned if the caller does not have the necessary privileges.
RETURN VALUES
tnfctl_kernel_open returns TNFCTL_ERR_NONE upon success.
ERRORS
TNFCTL_ERR_ACCES Permission denied. Superuser privileges are needed for kernel tracing.
TNFCTL_ERR_BUSY Another client is currently using kernel tracing.
TNFCTL_ERR_ALLOCFAIL Memory allocation failed.
TNFCTL_ERR_FILENOTFOUND /dev/tnfctl not found.
TNFCTL_ERR_INTERNAL Some other failure occurred.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWtnfc |
+-----------------------------+-----------------------------+
|MT Level |MT-Safe |
+-----------------------------+-----------------------------+
SEE ALSO
prex(1), fuser(1M), TNF_PROBE(3TNF), libtnfctl(3TNF), tracing(3TNF), tnf_kernel_probes(4), attributes(5)
SunOS 5.10 4 Mar 1997 tnfctl_kernel_open(3TNF)