I'm a bit confused about naming. How does NTAR stand with respect to libpcap?
Is it in fact libpcap 1.0? Or just an independent implementation of the
proposed/agreed format for 'libpcap-ng'?
Can NTAR read 'old' format libpcap traces?
What's next for libpcap development, is there the intent for a new version
of libpcap to also process the new format? Independently of NTAR? With or
without backwards compatibility at the file reading or API levels?
Thanks,
Stephen.
Gianluca Varenni wrote:
Hi all.
This mail is to announce the birth of the NTAR project. NTAR stands for
Network Trace Archival and Retrieval library, and is an implementation of
the PCAP next generation dump file format, that was proposed and discussed
last year by several folks on the libpcap/tcpdump and WinPcap mailing
lists.
The library is released under the 3-clause/BSD license.
The URL of the project is:
http://www.winpcap.org/ntar
On this website you can find
- the source file of the library (both for windows and *nix)
- the HTML documentation of the API (generated with doxygen from the
commented source files), both for the user and for someone wanting to
extend it. The docs contain some tests/examples that you can look to
get an idea of how the library works.
- An updated version of the PCAP draft specifying the file format.
The original draft of the file format is available at
http://www.tcpdump.org/pcap/pcap.html
I'm seeking contributors to improve the library in terms of
- testing the library on different platforms and operating systems
- reviewing the API
- implementing new extensions to the library.
A mailing list, [EMAIL PROTECTED], has been created for NTAR-related
discussions. People interested in this project are welcome to join it, the
mailman web interface to subscribe is available at
https://www.winpcap.org/mailman/listinfo/ntar-workers
Have a nice day
Gianluca Varenni
--
-----------------------------------------------------------------------
Stephen Donnelly BCMS PhD email: [EMAIL PROTECTED]
Endace Technology Ltd phone: +64 7 839 0540
Hamilton, New Zealand cell: +64 21 1104378
-----------------------------------------------------------------------
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
