msantos / epcap

Erlang packet capture interface using pcap
http://listincomprehension.com/2009/12/erlang-packet-sniffer-using-ei-and.html
BSD 3-Clause "New" or "Revised" License

after about a minute or less capturing (flushing all messages) get a port close #24

Closed vans163 closed 5 years ago

vans163 commented 5 years ago

15:37:20.635 [error] GenServer #PID<0.272.0> terminating
** (stop) {:port_terminated, 0}
Last message: {#Port<0.18>, {:exit_status, 0}}
State: {:state, #PID<0.271.0>, #Port<0.18>}

This happens after about a minute or less. Every time.

msantos commented 5 years ago

Enabling verbose mode should show why the port exited:

:epcap.start(filter: 'tcp and port 443', verbose: 3)

Also the usual questions: Which OS are you testing on? Can you provide a small example that shows the behaviour? Which version of Erlang?

vans163 commented 5 years ago

Verbose mode 3 does not show any new errors.

I am using a wlan adapter and Ubuntu 18.04.

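defmodule MiniCap do
    # Start the capture loop with: MiniCap.spawn
    def spawn() do
        :erlang.spawn(fn ->
            # Optionally pin the capture interface with {:interface, 'wlp2s0'}.
            {:ok, epcap_pid} = :epcap.start_link([{:promiscuous, true}, {:verbose, 3}])
            loop(%{epcap_pid: epcap_pid})
        end)
    end

    def loop(s) do
        receive do
            {:packet, _, _, _, bin} ->
                try do
                    # Only IPv4/TCP frames match this pattern; anything else
                    # raises a MatchError, which is caught and ignored below.
                    [_,{:ipv4,_,_,_,_,_,_,_,_,_,_,_,src_ip,dst_ip,_},{:tcp,src_port,dst_port,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_},_payload] =
                        :pkt.decapsulate(bin)
                    IO.inspect {src_ip, src_port, dst_ip, dst_port}
                catch
                    _,_ -> :ignore
                end
        after
            100 -> :ok
        end
        # The state map is passed through unchanged rather than being
        # rebound to the result of the receive block.
        loop(s)
    end
end
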
msantos commented 5 years ago

Thanks, your program works perfectly for me.

I forgot I enabled the seccomp sandbox by default on Linux. The seccomp policy needs to be updated for Ubuntu 18.04:

$ priv/epcap -h
epcap, 0.4.0 (using seccomp sandbox)

You can recompile using the rlimit sandbox by setting the EPCAP_SANDBOX environment variable:

$ EPCAP_SANDBOX=rlimit make clean all

$ priv/epcap -h
epcap, 0.4.0 (using rlimit sandbox)

Thank you for reporting this!