Close Down
Once we are finished capturing packets, we should gracefully close down the connection before we exit the tool. Two functions can come in handy in this case.
Arpsniff uses a trivial signal
handler to intercept the Ctrl-C break sequence. Because the tool is
in an endless loop, due to the pcap_loop function,
the signal handler calls the
pcap_breakloop
function. This function, which is
available only in recent versions of libpcap, is
designed for use in signal handlers or similar tools, and allows the
packet- capture loop to be interrupted smoothly and the tool to exit
gracefully. pcap_breakloop takes only one argument
and has the following prototype:
void pcap_breakloop(pcap_t *)
Now that we have exited the packet-capture loop, we can close the
packet-capture handler and associated resources using the
pcap_close function, which has the following
prototype:
void pcap_close(pcap_t *p)
Get Network Security Tools now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
