Subject: Re: non-standard way to capture network traffic
To: Zeljko Vrba <zvrba@globalnet.hr>
From: Tonnerre <tonnerre@thundrix.ch>
List: tech-kern
Date: 09/24/2005 13:48:19

Salut,

On Sat, Sep 24, 2005 at 10:01:45AM +0200, Zeljko Vrba wrote:
> To explain in detail:
>
> 1. I expect to receive incoming almost full 1Gbit of traffic on bge1. I
> will not be doing any outgoing traffic.
>
> 2. I don't need any network stack processing. After the ethernet frame
> is received, I want to record the following data only:
>   - arrival time, as precise as possible (read local APIC?)
>   - full TCP/UDP/IP header (I can parse eth frame myself, if necessary)
>   - the data load I will discard
>
> 3. The collected data needs to be written to disk. As few as possible
> frames should be lost.

This can probably be done easiest by using pf and pflogd. Just drop and
log all packets on the interface, and disable outgoing just for not having
to bother with it. If the processor is fast enough...

				    Tonnerre
