libpcapnav is a libpcap wrapper library that allows navigation to arbitrary locations in a tcpdump trace file between reads. The API is intentionally much like that of the pcap library. You can navigate in trace files both in time and space. You can jump to a packet which is at approximately 2/3 of the trace, or you can jump as closely as possible to a packet with a given timestamp, and then read packets from there. In addition, the API provides convenience functions for manipulating timeval structures.
| Tags | Networking Software Development Libraries |
|---|---|
| Licenses | BSD Revised |
| Operating Systems | Unix |
| Implementation | C |
Recent releases


Changes: This release introduces large file support and better build support on OS X.


Changes: 64-bit architectures are now supported. A new API pcapnav_timeval_init() has been added. pcapnav_timeval_add/sub() can now safely be called with one of the input arguments as output argument. pcapnav_dump_open() had broken linklayer compatibility checks, which are now fixed.


Changes: This release includes a number of bugfixes and robustness improvements.


Changes: A bug in __pcapnav_trace_find_packet_at_offset() that could trigger infinite looping in case of truncated trace files was fixed. The timestamp reported for the last packet in the trace file was actually the timestamp of the second-last file. A pcapnav_dump_open() function was added, which can be used on existing trace files to allow appending new packets, including files with a truncated last packet.


Changes: This release provides a better pcapnav_goto_offset(): the user now has more fine-grained control over where acceptable offsets for valid packets are located.