Hi,
I’m developing a plug-in to sniff local data on remote
machines. I am using ethereal-0.10.11 on a linux (2.4.21) machine.
I have created a plugin on the remote machines that send the
local traffic on that machine over TCP to a server, which receives the packets.
I have written another plug-in at the server end that receives the packet &
puts it on to the ethereal stack for it to sniff. I kickoff a server thread as
soon as I register my plugin. The server thread basically creates a socket,
binds to a port & listens for connections. Whenever it accepts a
connection, it kicks off another thread which receives the data from the
client.
I am able to send the packets from the client & receive it
at the server. I use –w option on the server to store the packets that I receive.
I am able to view the packets in ethereal when I open the saved file. But if I try
to capture, ethereal quits. The error I get is:
bind: Address already in use
** ERROR **: file capture_sync.c: line 625
(sync_pipe_input_cb): should not be reached
Aborting…
Aborted (core dumped)
When I do gdb on the core file, it doesn’t give any
file names.
I looked into the capture_sync.c code & saw that it was
forking off a child that did the actual capturing. I have a feeling that this
child is killing all my threads & hence aborting. I am not sure though. It
would be of great help if anyone has any ideas as to why this is happening.
Thanks,
Jay.