Selected Tool Details

ToolID 36
Name Libpcap
EntryDate 2005-02-04
LastModified 2005-02-04
Description The system library packet capturing called libpcap is the most commonly used library for capturing IP packets at network interface cards. It is available for most common PC and workstation operating systems. Libpcap captures packets by creating copies of portions of the packets, for example the first 60 bytes. Captured portions (or entire packets) are forwarded to the application using libpcap, either by a callback function or as result of a function polling the library. Libpcap can filter packets. Filtering is specified using the Berkeley Packet filter syntax. The performance of libpcap varies significantly between different operating systems. On BSD-based systems, libpcap works highly reliable on most common network interface cards. Older Linux versions (up to 0.4) of libpcap already start loosing packets at a speed of a few Megabits due to buffer overruns.
HomePageURL http://www.tcpdump.org/
Category Traffic Flow Measurement
ControlInput API binding
DataInput live interface, tcpdump packet file, other packet file, raw data files
Metrics packet capture
TimeScope Real-time
Aggregation Filtering
Availability open source (other)
License BSD
OSSupport AIX, DEC OSF/1, Digital Unix, FreeBSD, HP-UX, MacOS X, NetBSD, NextStep, OpenBSD, SCO Unix, Sinix, Solaris, SunOS, Tru64 Unix, Ultrix / DecStation, Unix/Linux, UnixWare
Features passive measurement

No user comments for this tool yet.


Submit your feedback for this tool:

If you are a registered user (and are logged in) you can also add comments yourself.

Please login or register.