[Oisf-devel] [patch] PF_RING missing timestamps
Victor Julien
victor at inliniac.net
Thu May 31 09:35:15 UTC 2012
On 05/30/2012 11:04 PM, Chris Wakelin wrote:
> In my experiments with some of the fancier versions of PF_RING, namely
> TNAPI and DNA with libzero, I've found sometimes they return packets
> with timestamps set to 0 (i.e. Jan 1970).
>
> In the PF_RING-enabled libpcap bundled with PF_RING, there are extra
> lines around the pfring_recv() call that use gettimeofday() to supply
> the timestamp if pfring_recv() doesn't.
>
> I've attached a patch for Suricata's source-pfring.c that does the same
> and fixes the issue for me.
Applied, thanks Chris. I made some minor modifications, mainly move this
logic into PfringProcessPacket().
Pushed it to the current git.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-devel
mailing list