Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>You are confusing several things here:</p> <ul> <li><p>"Promiscuous" usually refers to a mode of a hardware ethernet network card where it delivers <em>all</em> packets in its collision domain up to the kernel network stack and have it sort out delivery (vs. just unicast to given MAC, subscribed multicast, and broadcast in normal operating mode of the card). <em>This is on the receive path.</em></p></li> <li><p>All the data outbound from your machine will go through (one of) the network cards on the machine, so "promiscuous" does not at all apply here.</p></li> <li><p>You are working on filtering TCP-based protocol (HTTP), but talk in terms of packets. This is wrong. TCP connection is a stream that could be (as far as socket readers and writers are concerned) arbitrarily split into IP datagrams. That URL from HTTP request header could be split across multiple link-layer frames. You would have to stitch them back together and parse the stream anyway. Then you have no chance even at that if SSL is in use.</p></li> </ul> <p>If you are interested in HTTP filtering then read <a href="http://en.wikipedia.org/wiki/Http#References" rel="nofollow">HTTP RFCs</a>, and read existing open-source code, e.g. <a href="http://www.squid-cache.org/" rel="nofollow">squid</a>, <a href="http://nginx.org/" rel="nofollow">nginx</a>, etc.</p> <p>If you are digging through network stack for better understaning then read <a href="http://www.kohala.com/start/" rel="nofollow">W. Richard Stevens books</a>, look into existing code in open-source operating systems, check out <a href="http://en.wikipedia.org/wiki/Berkeley_Packet_Filter" rel="nofollow">BPF</a> and <a href="http://en.wikipedia.org/wiki/Netlink" rel="nofollow">netlink</a>.</p> <p>Hope this clears it a little.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload