I plan to write some sort of network data tool in Cocoa which will let you know how much data you have downloaded/uploaded.
I've decided to base it on the built in tool 'tcpdump'. The problem is that if the network transfer rate is too high tcpdump will end up dropping a majority of the incoming packets which I need to analyse - if I don't get the packets I can't calculate their size, and so the total amount transferred is inaccurate.
I understand that it could be a problem with the size of the buffer between the kernel and tcpdump (the buffer gets filled with packets too quickly and is overwritten before tcpdump has a chance to read from it). However, I have increased both of the values for 'debug.bpf_bufsize' and 'debug.bpf_maxbufsize' without any positive effect.
Would anyone be able to shed some light on this problem for me? I'd be eternally grateful
Thanks.
I've decided to base it on the built in tool 'tcpdump'. The problem is that if the network transfer rate is too high tcpdump will end up dropping a majority of the incoming packets which I need to analyse - if I don't get the packets I can't calculate their size, and so the total amount transferred is inaccurate.
I understand that it could be a problem with the size of the buffer between the kernel and tcpdump (the buffer gets filled with packets too quickly and is overwritten before tcpdump has a chance to read from it). However, I have increased both of the values for 'debug.bpf_bufsize' and 'debug.bpf_maxbufsize' without any positive effect.
Would anyone be able to shed some light on this problem for me? I'd be eternally grateful
Thanks.