[Cs22800] Sebek: Problem + spurring online discussion

Benjamin Johnson bsjohnso at midway.uchicago.edu
Fri Nov 15 17:54:36 CST 2002


Ok, I think we should have more discussion online of any problems, 
solutions, etc...

I have to store captured SSH traffic in a buffer so that when a helper 
application opens and then periodically reads from the device driver, it 
gets part of the array (whatever it requests).  So far, I have it work 
like char sebek_buf[500000] (used 500000 because sebek did).  The 
problem is that if I have captured a lot of traffic before it has been 
read, I am not sure what to do with it.  Sebek does some sort of 
circular method yet it's real messy, the variables aren't labeled very 
well and I'm not sure if it's the best way.  It has int d_start and int 
d_end that point to the starting and ending points, and the starting 
point can be larger than the ending point, thus signifying to wrap 
around.  So far mine has been simplified to not try the wrap around.

If that's confusing, let me know.  Basically I was wondering if any of 
you have ideas on how I should approach the data storage, and if I 
should do something circular how should I do it (or if you have any 
ideas for topics to google for, that would be great).

On a secondary note, if anyone has experience with semaphores or 
basically locking down something in the kernel (while the array is being 
manipulated by /dev/sebek), that would be really helpful.  I just 
ordered Richard Stevens' book on IPC but that won't get here for at 
least a couple of days.

Thanks,

Ben  

-- 
Benjamin Johnson <bsjohnso at midway.uchicago.edu>
"I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones." -- Albert Einstein

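The wrap-around scheme the message describes, with d_start and d_end indexes into one array, as an added example in user-space C (not part of the original post and not Sebek's code). The struct, the function names, RB_SIZE and the policy of discarding the oldest bytes when the buffer fills are assumptions made for illustration; in a driver, both functions would have to run under the same lock.

```c
#include <stddef.h>

#define RB_SIZE 16   /* small for demonstration; the post uses 500000 */

struct ring {
    unsigned char buf[RB_SIZE];
    size_t d_start;   /* index of the oldest unread byte */
    size_t d_end;     /* index where the next byte is written */
    size_t dropped;   /* bytes overwritten before they were read */
};

/* Unread bytes; also correct when d_end < d_start (wrapped). */
static size_t rb_used(const struct ring *r)
{
    return (r->d_end + RB_SIZE - r->d_start) % RB_SIZE;
}

/* Writer side (capture path). One slot stays unused so that
 * d_start == d_end always means "empty", never "full". */
static void rb_write(struct ring *r, const unsigned char *src, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        size_t next = (r->d_end + 1) % RB_SIZE;
        if (next == r->d_start) {          /* full: discard oldest byte */
            r->d_start = (r->d_start + 1) % RB_SIZE;
            r->dropped++;                  /* lets the reader see the loss */
        }
        r->buf[r->d_end] = src[i];
        r->d_end = next;
    }
}

/* Reader side (the helper's read()). Copies at most `want` bytes,
 * oldest first, and returns how many were copied. */
static size_t rb_read(struct ring *r, unsigned char *dst, size_t want)
{
    size_t n = rb_used(r);
    if (want < n)
        n = want;
    for (size_t i = 0; i < n; i++) {
        dst[i] = r->buf[r->d_start];
        r->d_start = (r->d_start + 1) % RB_SIZE;
    }
    return n;
}
```

Exposing the `dropped` counter to the reader keeps a capture gap from passing silently when traffic arrives faster than the helper reads it.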



