void sinsp::open(uint32_t timeout_ms)
{
char error[SCAP_LASTERR_SIZE];
g_logger.log("starting live capture");
m_islive = true;
//
// Reset the thread manager
//
m_thread_manager->clear();
//
// Start the capture
//
scap_open_args oargs;
oargs.fname = NULL;
oargs.proc_callback = ::on_new_entry_from_proc;
oargs.proc_callback_context = this;
oargs.import_users = m_import_users;
m_h = scap_open(oargs, error);
if(m_h == NULL)
{
throw sinsp_exception(error);
}
init();
}
void sinsp::open(string filename)
{
char error[SCAP_LASTERR_SIZE];
m_islive = false;
if(filename == "")
{
open();
return;
}
m_input_filename = filename;
g_logger.log("starting offline capture");
//
// Reset the thread manager
//
m_thread_manager->clear();
//
// Start the capture
//
scap_open_args oargs;
oargs.fname = filename.c_str();
oargs.proc_callback = NULL;
oargs.proc_callback_context = NULL;
oargs.import_users = m_import_users;
m_h = scap_open(oargs, error);
if(m_h == NULL)
{
throw sinsp_exception(error);
}
//
// gianluca: This might need to be replaced with
// a portable stat(), since I'm afraid that on S3
// (that we'll use in the backend) the seek will
// read the entire file anyway
//
FILE* fp = fopen(filename.c_str(), "rb");
if(fp)
{
fseek(fp, 0L, SEEK_END);
m_filesize = ftell(fp);
fclose(fp);
}
init();
}
void sinsp::open(string filename)
{
char error[SCAP_LASTERR_SIZE] = {0};
m_islive = false;
if(filename == "")
{
open();
return;
}
m_input_filename = filename;
g_logger.log("starting offline capture");
//
// Reset the thread manager
//
m_thread_manager->clear();
//
// Start the capture
//
scap_open_args oargs;
oargs.fname = filename.c_str();
oargs.proc_callback = NULL;
oargs.proc_callback_context = NULL;
oargs.import_users = m_import_users;
m_h = scap_open(oargs, error);
if(m_h == NULL)
{
throw sinsp_exception(error);
}
m_filesize = get_file_size(filename, error);
if(m_filesize < 0)
{
throw sinsp_exception(error);
}
init();
}
