Wireshark-dev: Re: [Wireshark-dev] A #define MUST_DO_SELECT problem/question

From: Richard van der Hoff <richardv@xxxxxxxxxxxxx>
Date: Sat, 10 Nov 2007 13:09:33 +0000
Fulko Hew wrote:

Somewhere between these two versions, there was a change to
capture_loop.h that enforces #define MUST_DO_SELECT on linux
systems which seems to be the the opposite behaviour compared
to 0.99.4.

That would be me :)

...

Unfortunately I'm at a loss to explain/understand why its
failing, and what I need to do to fix it.  The comments near
capture_loop.c:994 says to 'plead with whoever supplies the
software for that device to add "select()" support', but that
would be _me_ and I don't know what I need to add select()
support to (and then I might not understand how either).

Right, well, there's some history to this change at http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1181.

Essentially the problem is that dumpcap attempts to pass packets over to wireshark in batches, to avoid quite so much context-switching and GUI updating. However, in order to do this on systems (such as linux with a standard libpcap) which only support capturing on a packet-by-packet basis, it needs to be able to time-out captures so that you don't have to wait for another packet to arrive before you can flush out the previous one.

My change (in r22639) did this by calling select() with a timeout on the capture fd under linux before attempting to capture a packet. If select times out, dumpcap can flush out its pending packets; if select says that the capture fd is actually readable, it captures a packet.

The solution to the problem will depend on your implementation of pcap, aaui; specifically whether it supports the concept of a "capture file descriptor" which you read from to get packets. Here are some suggestions:

1. If you /don't/ have a capture fd, make sure that your pcap_dispatch honours the timeout passed in pcap_open_live, and fiddle with the #defines in capture_loop.h such that MUST_DO_SELECT is not defined for you.

2. If you /do/ have a capture fd, make select() work properly on your system such that it returns > 0 when there are packets available for reading from the capture fd, and 0 when it times out.

Hope that helps.

Richard