Hi,
At machine_1, I'm capturing filtered packets with destination address as machine_1. I'm also sending raw packets from machine_2 with destination set as machine_1. At machine_2, I'm getting packets to send to machine_1 by sniffing them in exactly the same way as said for machine_1.

What is happening is that sometimes I'm getting packets at machine_1 when i send them from machine_2 and sometimes I'm not getting them.

In machine_1 my program is multi-threaded. Can that be the reason..?

I'm using
Winpcap pcap_dispatch() to get packets.
pcap_sendpacket() to send packets.
make_filter("dst host 193.148.3.143") //filter at machine_1
193.148.3.143 macchine_1 ip address

Thanks a lot ..!!..
:-)
(I'm new to Winpcap)

Hi,

What protocol is it UDP,TCP or what if it is UDP there could be some type of blockage.

Or you could be doing a DOS unknowingly.

If using TCP try use Nagles algorithm to check if data is being sent.

Also try to check with WireShark because there could be a small memory corruption leak in your program which is causing some type of EIP redirection.

Thanks

pcap can drop packets and parts of packets if it can't keep up. The filter works most efficiently on BSD because the filtering is done by the BPF (Berkeley Packet Filter) in the kernel.

@kbw

As he said he is using Multi-Threaded that means that pcap should not drop any packets right?

Also in the Kernel the BPF casts a lot of threads to filter data.

I personally suggest you try develop NDIS driver filter drivers becuase you then you can cast how many threads you wish whereas if BPF does not process packets at the same speed as you, this can cause loss of packet capture.