First of all, thanks for your patience. This issue may only be due to my lack of understanding as I am a complete beginner in PDU, ...
I am trying to do some TCP stream reassembling using libtins in order to measure some metrics. The issue is, libtins is not detecting any new Stream when I would expect one to be created.
Here is how I am configuring my Sniffer:
int main()
{
SnifferConfiguration config;
config.set_promisc_mode(true);
config.set_filter("tcp");
// Create our follower
Tins::TCPIP::StreamFollower follower;
// Set the callback for new streams. Note that this is a std::function, so you
// could use std::bind and use a member function for this
follower.new_stream_callback(&on_new_stream);
// Now set up the termination callback. This will be called whenever a stream is
// stopped being followed for some of the reasons explained above
follower.stream_termination_callback(&on_stream_terminated);
Sniffer sniffer("en0", config);
// And start sniffing, forwarding all packets to our follower
sniffer.sniff_loop([&](PDU &pdu) {
std::cout << "Received packet:" << pdu.size() << std::endl;
follower.process_packet(pdu);
return true;
});
}
And here is my new stream callback:
// New stream is seen
void on_new_stream(Stream &stream)
{
std::cout << "New Stream: "
<< "client:" << stream.client_port() << " to " << stream.server_addr_v4().to_string() << ":" << stream.server_port() << std::endl;
stream.client_data_callback(&on_client_data);
stream.server_data_callback(&on_server_data);
}
By loading the Google homepage with the cache disabled, the console will log a lot of "packet received" with their respective size, but will not log anything related to the creation of a new stream.
I tested by keeping the program running and going through a lot of different websites and I sometimes get the stream-related logging, so I guess all the code is not incorrect?
Is there anything wrong with my code? Is there an easier way to get the size of my TCP stream reassembled?
Many thanks.
