search

mfontanini / libtins

High-level, multiplatform C++ network packet sniffing and crafting library.
http://libtins.github.io/
BSD 2-Clause "Simplified" License
1.91k stars 377 forks source link

Libtins not capturing all packets #297

Open francisfsjiang opened 6 years ago

francisfsjiang commented 6 years ago

I am using libtins to make a sniffer, but I found that when the tcp stream is long , like more than 3MB, not all packets will be captured. My test code is based on the HTTP follower example.

bug.tar.gz

This file contains the test code, output of the code and the pcap file captured by wireshark. This test was on macOS 10.13.4, but when I tested on ubuntu1804, same issue happened. The downloaded file is generated by following cmd.

seq -f "%g" -s "|" 400000  > test3M

The server is python http.server

python3 -m http.server 8888

cURL command:

curl -v http://localhost:8888/test3M.exe -o receive
mfontanini commented 6 years ago

If I run it using a FileSniffer on the pcap file you provided, I see all packets are parsed properly. You may be dropping packets because you can't process them fast enough. You can use some queue and process them asynchronously to speed it up.

francisfsjiang commented 6 years ago

OK, I will try to make the code faster. Thank you!