libpcapnav 0.8
Sponsored Links
libpcapnav 0.8 Ranking & Summary
File size:
0.017 MB
Platform:
Any Platform
License:
BSD License
Price:
Downloads:
886
Date added:
2007-06-07
Publisher:
Christian Kreibich
libpcapnav 0.8 description
libpcapnav is a libpcap wrapper library that allows navigation to arbitrary locations in a tcpdump trace file between reads.
The API is intentionally much like that of the pcap library. You can navigate in trace files both in time and space: you can jump to a packet which is at appr. 2/3 of the trace, or you can jump as closely as possible to a packet with a given timestamp, and then read packets from there. In addition, the API provides convenience functions for manipulating timeval structures.
Like libpcap, this library handles things through an opaque handle struct. For trace file navigation and reading packets, this handle is enough. If you need to apply BPF filters or write packets to disk, you can access the familiar pcap handle that is used internally.
At the core of libpcapnav is the ability to resynchronize to the sequence of packets contained in a tcpdump trace file at arbitrary location of the file position indicator.
The algorithm is based on Vern Paxsons method from the the tcpslice tool, that basically works as follows: the point near which the file position indicator is to be synchronized with the packet sequence is undershot a little bit, as it is much easier to scan forwards to the desired location, once the packet sequence has been detected.
The file is scanned from that initial offset in single-byte steps, at each step assuming a libpcap packet header is present and sanity-checking the values read. Several checks analyze this potential header for sane timestamps, capture lengths etc. If the header appears valid, the next packet header is examined in a similar function, based upon the offset that the checked header provides.
If a sequence of three packets seems valid, the algorithm considers the file position pointer to be synchronized with the packet flow and scans as closely as possible to the desired location. If the synchronization point is supposed to be a packet with a given timestamp, some interpolation is done and the process repeated, until the packet closest to the desired timestamp has been found.x
Enhancements:
- This release introduces large file support and better build support on OS X.
The API is intentionally much like that of the pcap library. You can navigate in trace files both in time and space: you can jump to a packet which is at appr. 2/3 of the trace, or you can jump as closely as possible to a packet with a given timestamp, and then read packets from there. In addition, the API provides convenience functions for manipulating timeval structures.
Like libpcap, this library handles things through an opaque handle struct. For trace file navigation and reading packets, this handle is enough. If you need to apply BPF filters or write packets to disk, you can access the familiar pcap handle that is used internally.
At the core of libpcapnav is the ability to resynchronize to the sequence of packets contained in a tcpdump trace file at arbitrary location of the file position indicator.
The algorithm is based on Vern Paxsons method from the the tcpslice tool, that basically works as follows: the point near which the file position indicator is to be synchronized with the packet sequence is undershot a little bit, as it is much easier to scan forwards to the desired location, once the packet sequence has been detected.
The file is scanned from that initial offset in single-byte steps, at each step assuming a libpcap packet header is present and sanity-checking the values read. Several checks analyze this potential header for sane timestamps, capture lengths etc. If the header appears valid, the next packet header is examined in a similar function, based upon the offset that the checked header provides.
If a sequence of three packets seems valid, the algorithm considers the file position pointer to be synchronized with the packet flow and scans as closely as possible to the desired location. If the synchronization point is supposed to be a packet with a given timestamp, some interpolation is done and the process repeated, until the packet closest to the desired timestamp has been found.x
Enhancements:
- This release introduces large file support and better build support on OS X.
libpcapnav 0.8 Screenshot
libpcapnav 0.8 Keywords
trace file
wrapper library
libpcapnav
file
packet
trace
Libpcap
library
libpcapnav 0.8
Libraries
Programming
Bookmark libpcapnav 0.8
libpcapnav 0.8 Copyright
WareSeeker periodically updates pricing and software information of libpcapnav 0.8 full version from the publisher, so some information may be slightly out-of-date. You should confirm all information before relying on it. Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future development of libpcapnav 0.8 Edition. Download links are directly from our publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed
Featured Software
Want to place your software product here?
Please contact us for consideration.
Contact WareSeeker.com
Related Information
Related Software
libpcap is a system-independent interface for user-level packet capture. Free Download
libPaje library can be used to create conversion tools from other format to Paje trace file format. Free Download
RPCAP is a Remote Packet Capture system. Free Download
libnaw (the Network Authentication Wrapper Library) is, in essence, a global, uniform authentication method. Free Download
Net::Pcap is an Interface to pcap(3) LBL packet capture library. Free Download
pcsc-ctapi-wrapper library provides a CTAPI-interface to any PC/SC compatible smartcard reader. Free Download
libhid is a user-space HID access library written in C. Free Download
OpenSCADA Utgardis a sub-project of the OpenSCADA project. Free Download
Latest Software
Popular Software
Favourite Software
