I just created a small, simple program that will capture packets remotely from a machine running rpcapd.
I am able to create a connection between my program and rpcapd using active mode, but I get tons of empty packet data between the host and client. The packets consist of PSH ACK and ACK packets being sent from rpcapd and my program. I am using function pcap_remoteact_accept() to create my connection with the active rpcapd. With function pcap_next_ex(), I am capturing the packets. I save the captured file with pcap_dump(). When I view the file I saved on Ethereal, I see that I am capturing those PSH ACK and ACK packets. They are empty and those empty packet data is being sent from the source (rpcapd) to my program. And my program is sending the similar empty packets back to the source (rpcapd). This is happening every 0.20 seconds, back and forth. The packet len from the source (rpcapd) to my program is 270. And my program seems to be replying with packet size len 60. But I think these values are arbitrary. How can I get this empty chatter to stop? Is this normal? Thank you. ================================================================== This is the WinPcap users list. It is archived at http://www.mail-archive.com/[EMAIL PROTECTED]/ To unsubscribe use mailto: [EMAIL PROTECTED] ==================================================================
