How to read and write concurrently a pcap file in c

Question

I have 2 programs written in C, one program writes to the pcap file and the second program reads from it at the same time.For writing ,I am using the following code

while(j < 100000)
        {
            pcount = pcap_dispatch(p,2000,&pcap_dump,(u_char *)pd);
            j = j+pcount;
            printf("Got %d packets , total packets %d\n",pcount,j);
        }

And for decoding the packets, I am using the following code

while( (returnValue=pcap_next_ex(pcap,&header,&data)) >= 0)
        {
            printf("Packet # %d ",++packetCount);
            printf("return value %d\n",returnValue);
        }

When i run the program separately i.e when I stop writing to the pcap file, It decodes the packets perfectly. But when I run both the programs at the same time, the decoder does not decode all the packets. If i get 100 packets, the decoder will show only 50-60 decoded packets.

Any help will be appreciated.

Answer 1

This is what pipes are for. I suggest something like

pcap_writer -w - | tee permanent-file.pcap | pcap_reader -r -

where pcap_writer and pcap_reader are your programs. This way you create something that can be combined in a different manner, if wanted.

Answer 2

In my opinion, reader's file is not getting updated as soon as the writer writes in the pcap file. This might be due to the reason that reader's file pointer is not refreshed i.e its reading the non updated version of file. Hope it will help you.