<html><head><meta http-equiv="Content-Type" content="text/html; charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">A number of years ago I wrote a network sniffer to meet some specific requirements that tcpdump did not provide. I used <div class=""><code class=""><a href="https://github.com/msantos/epcap.git" class="">https://github.com/msantos/epcap.git</a></code><br class=""><div><br class=""></div><div>That app is still in production today, works well.</div><div><br class=""></div><div>Mark.</div><div><br class=""></div><div><br class=""><blockquote type="cite" class=""><div class="">On Aug 11, 2020, at 6:12 AM, Papa Tana <<a href="mailto:papa.tana101@gmail.com" class="">papa.tana101@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class=""><div class="">Hi All,<br class=""><br class="">Great day!<br class=""><br class="">I have one network interface, connected with a client:<br class=""><br class="">[client]------> [(eth0)::Me]<br class=""><br class="">Whenever I want to read all traffic I received on my (eth0) interface, I'm using tcpdump.</div><div class=""># tcpdump -i eth0 -w file.pcap<br class=""><br class="">And only after that, I can pass the pcap file to Erlang as an Argument, and I can process/modify it:<br class=""><a href="https://github.com/hokiespurs/velodyne-copter/wiki/PCAP-format" target="_blank" class="">https://github.com/hokiespurs/velodyne-copter/wiki/PCAP-format</a><br class=""><br class="">It's working, but as you can see, it's not real time :-/<br class=""></div><div class=""><br class=""></div><div class="">gen_tcp/gen_udp are not working because I would only capture all traffic matching ip address and udp port and for me only. But I want all traffic in my eth0 (traffic can be for other destination, not Me).</div><div class=""><br class=""></div><div class=""><div class="">I have checked</div><div class=""><a href="https://github.com/msantos/procket" target="_blank" class="">https://github.com/msantos/procket</a></div><div class=""><a href="https://github.com/msantos/pkt" target="_blank" class="">https://github.com/msantos/pkt</a></div><div class=""><a href="https://erlang.org/doc/man/socket.html" target="_blank" class="">https://erlang.org/doc/man/socket.html</a></div><div class=""><br class=""></div><div class="">they are great jobs, but seem to be encoding/decoding and need to specify protocol for socket:bind<br class=""></div><div class=""><br class=""></div><div class=""></div></div><div class="">Can anyone advice please?<br class=""></div><div class=""><br class=""></div><div class="">Thanks, <br class=""></div></div>
</div></blockquote></div><br class=""></div></body></html>