node-pcap-parser icon indicating copy to clipboard operation
node-pcap-parser copied to clipboard
verified publisher icon kunklejr

pcap-ng format not supported

Open waywardmonkeys opened this issue 11 years ago • 5 comments

On Mac OS X at least, tcpdump uses pcap-ng format by default (unless you specify an interface).

Are there plans or is there any interest in adding pcap-ng support to this library?

waywardmonkeys avatar Oct 24 '14 15:10 waywardmonkeys

There are no plans but I'd be happy to accept a pull request to support the format. :)

kunklejr avatar Oct 24 '14 16:10 kunklejr

I'll give it some thought. I have a blog post about doing this sort of stuff with Node coming up and this came up while researching it.

If I do this project, I'm using https://github.com/keichi/binary-parser which greatly simplifies things for parsing ethernet frames, IP, TCP, etc.

waywardmonkeys avatar Oct 24 '14 17:10 waywardmonkeys

That's fine with me. Seems like a nice library to retrofit the existing code with too.

kunklejr avatar Oct 24 '14 17:10 kunklejr

Did anybody work on pcap-ng?

megastef avatar Jan 27 '15 15:01 megastef

Not that I'm aware of. @waywardmonkeys talked about looking into it but I don't know if he's had a chance to do it.

kunklejr avatar Jan 28 '15 01:01 kunklejr