How to access file header info?

Hello. I'm using pcpp::PcapFileReaderDevice reader(filename); I would like to read Magic Number from file header, which represents time format. I could not find anything that allows to access header struct. How to do this?

Do you know if libpcap provides an API to read this magic number? PcapPlusPlus relies on libpcap/WinPcap/Npcap to read .pcap files so if there's no such API there's no way for PcapPlusPlus to fetch this information.

We did add the PCAP_TSTAMP_PRECISION_NANO compilation flag to open files in nanosec precision, but that assumes you know the file's precision...

I've compiled pcap++ with PCAP_TSTAMP_PRECISION_NANO. Read pcap file, update timespec, write to another file => produces rounded timestamp. 1601234567.000051234 (written time) becomes 1601234567.000051000 in output file acconding to wireshark

Seems like writePacket does not use this flag

I think this supposed to be pcap_open_dead_with_tstamp_precision

#if defined(PCAP_TSTAMP_PRECISION_NANO)
	m_PcapDescriptor = pcap_open_dead_with_tstamp_precision(m_PcapLinkLayerType, PCPP_MAX_PACKET_SIZE, PCAP_TSTAMP_PRECISION_NANO);
#else
	m_PcapDescriptor = pcap_open_dead(m_PcapLinkLayerType, PCPP_MAX_PACKET_SIZE);
#endif

I've also commented *1000 and /1000 in Common++\header\TimespecTimeval.h

After these changes I was able to produce pcap file with nanoseconds, which are seen in Wireshark

Thanks for debugging the issue! Can you please open a PR with the fix?

@GilbertoTheMighty will you consider opening a PR with the fix?

@GilbertoTheMighty will you consider opening a PR with the fix?

@GilbertoTheMighty I'm not sure if you saw my previous comment. Please let me know if you can open a PR with the fix