📄 linux
字号:
==================== libnids-1.17 ==================== The following applies to Linux only. Linux 2.0.x kernels introduces sockets of family PF_PACKET whichallow to gather packets from all devices, including loopback (!). Recentlibpcap versions (0.6.x for sure) support this feature; you have to passdevice "any" to pcap_open_live in order to listen on such a socket. Forbackwards compatibility with libnids <= 1.16, you can also assign device "all"to nids_params.device. If nids_params.promisc is nonzero, libnids (becauselibpcap does not support it) will try to set all interfaces into promiscuous mode, one by one. A certain problem may arise, if the machine routes packets among itsinterfaces. Libpcap will pass to userspace a copy of a packet per eachinterface this packet travels through. This is no problem for libnids TCPreassembly, as it deals perfectly with duplicate packets - tcp callbackfunctions will not notice anything unusual. However, UDP and IP callbackswill receive duplicate packets. ⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -