cetic / foren6-gui-qt


Don't freeze when opening pcap fifo #3

Open cladmi opened 9 years ago

cladmi commented 9 years ago

As mentioned here: http://cetic.github.io/foren6/guide.html

When using a pcap fifo as packet source, the graphic interface hangs and the header should be sent in order to unlock the interface.

Also, when restarting foren6, if it tries to read from a fifo, it hangs before launching the main window.

For FIT IoT-LAB https://www.iot-lab.info/ this mode is preferred to get real-time visualization, and with this missing feature, it is not as ergonomic as it could be. So I would like to put a +1 on this feature.

laurentderu commented 9 years ago

It's a hard-to-fix issue, as it's partially because of the way libpcap works: it requires a PCAP header to know how to extract the following packets, and so hangs until it gets it. That also explains the second issue when Foren6 restarts, as it will wait for a PCAP header that will never come.

The real good solution is to have an interface adapter for the particular sniffer you are using. A workaround would be to fake the PCAP header (and drop the real one), but that would require the end user to configure manually the actual encapsulation used by the FIFO.

cladmi commented 9 years ago

I know where the problem comes from, it's just that it would be better to get stuck somewhere else than in the main window, like on a background thread. I'm not providing any solution here however.

I'm interested in the solution. How should this be done? Because I know the header in advance, I am hardwriting it in my tool (in python):

        struct.pack(
            '=LHHLLLL',
            0xa1b2c3d4,  # Pcap header Little Endian
            2,           # File format major revision (i.e. pcap <2>.4)
            4,           # File format minor revision (i.e. pcap 2.<4>)
            0,           # GMT to local correction: 0 if timestamps are UTC
            0,           # accuracy of timestamps -> set it to 0
            0xffff,      # packet capture limit -> typically 65535
            LINKTYPE_IEEE802_15_4, # Link (802.15.4 FCS/...)
        )

https://github.com/iot-lab/aggregation-tools/blob/master/iotlabaggregator/zeptopcap.py

Thank you

laurentderu commented 9 years ago

The code is in foren6-capture/interface-pcap.c, the header is extracted by pcap_fopen_offline(), but I'm not sure if it's easy to feed a fake header to it...

Another possibility, looking at zeptopcap, is to write a capture interface for ZEP, the format is quite similar to SNIF format and would require only basic modification.

laurentderu commented 9 years ago

Another possibility would be to move the pcap initialization code inside the pcap thread, then the waiting for the header would be hidden. But I have to check if there are no hidden side effects :)
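
The behaviour discussed in this thread, as an added example that is not part of the issue or of Foren6's code: a reader cannot decode anything until the 24-byte pcap global header arrives, so the blocking open is run on a worker thread while the caller stays responsive. The link-type value 195, the function names and the `os.pipe()` stand-in for the FIFO are assumptions made for the example.

```python
import os
import struct
import threading

PCAP_MAGIC = 0xA1B2C3D4
GLOBAL_HDR = struct.Struct("<LHHlLLL")  # 24-byte pcap global header, little-endian
LINKTYPE_802154_FCS = 195  # assumed value: LINKTYPE_IEEE802_15_4_WITHFCS

def global_header(linktype, snaplen=0xFFFF):
    """What the writer must send first: magic, version 2.4, zone, sigfigs, snaplen, linktype."""
    return GLOBAL_HDR.pack(PCAP_MAGIC, 2, 4, 0, 0, snaplen, linktype)

def open_capture(stream):
    """Blocking step: no packet can be decoded until all 24 header bytes arrive."""
    data = stream.read(GLOBAL_HDR.size)  # a buffered reader blocks here until 24 bytes or EOF
    if len(data) < GLOBAL_HDR.size:
        raise EOFError("writer closed before sending a pcap header")
    magic, major, minor, _, _, snaplen, linktype = GLOBAL_HDR.unpack(data)
    if magic != PCAP_MAGIC:
        raise ValueError("not a little-endian pcap stream")
    return {"version": (major, minor), "snaplen": snaplen, "linktype": linktype}

def open_in_background(stream):
    """Run the blocking open on a worker thread so the caller (e.g. a GUI) stays responsive."""
    result, done = {}, threading.Event()
    def worker():
        try:
            result["header"] = open_capture(stream)
        except (EOFError, ValueError) as exc:
            result["error"] = exc
        done.set()
    threading.Thread(target=worker, daemon=True).start()
    return result, done

def demo():
    r, w = os.pipe()  # constructed stand-in for the named FIFO
    reader, writer = os.fdopen(r, "rb"), os.fdopen(w, "wb")
    result, done = open_in_background(reader)
    still_waiting = not done.wait(0.2)  # no header written yet: the open is pending
    writer.write(global_header(LINKTYPE_802154_FCS))
    writer.flush()
    done.wait(2)
    writer.close()
    reader.close()
    return still_waiting, result.get("header")

if __name__ == "__main__":
    print(demo())
```

A caller would poll or wait on the returned event with a timeout and report a stalled source instead of hanging when no header ever arrives.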