[Cs22800] Sebek: Problem + spurring online discussion
Benjamin Johnson
bsjohnso at midway.uchicago.edu
Fri Nov 15 17:54:36 CST 2002
Ok, I think we should have more discussion online of any problems,
solutions, etc...
I have to store captured SSH traffic in a buffer so that when a helper
application opens and then periodically reads from the device driver, it
gets part of the array (whatever it requests). So far, I have it work
like char sebek_buf[500000] (used 500000 because sebek did). The
problem is that if I have captured a lot of traffic before it has been
read, I am not sure what to do with it. Sebek does some sort of
circular method yet its real messy, the variables aren't labeled very
well and I'm not sure if its the best way. It has int d_start and int
d_end that point to the starting and ending points, and the starting
point can be larger than the ending point, thus signifying to wrap
around. So far mine has been simplified to not try the wrap around.
If that's confusing, let me know. Basically I was wondering if any of
you have ideas on how I should approach the data storage, and if I
should do something circular how should I do it (or if you have any
ideas for topics to google for, that would be great).
On a secondary note, if anyone has experience with semaphores or
basically locking down something in the kernel (while the array is being
manipulated by /dev/sebek), that would be really helpful. I just
ordered Richard Stevens' book on IPC but that won't get here for at
least a couple of days.
Thanks,
Ben
--
Benjamin Johnson <bsjohnso at midway.uchicago.edu>
"I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones." -- Albert Einstein
More information about the CS22800
mailing list