search

kunklejr / node-pcap-parser

Packet capture (pcap) file parser written in pure javascript for Node.js
MIT License
85 stars 16 forks source link

pcap-ng format not supported #5

Open waywardmonkeys opened 9 years ago

waywardmonkeys commented 9 years ago

On Mac OS X at least, tcpdump uses pcap-ng format by default (unless you specify an interface).

Are there plans or is there any interest in adding pcap-ng support to this library?

kunklejr commented 9 years ago

There are no plans but I'd be happy to accept a pull request to support the format. :)

waywardmonkeys commented 9 years ago

I'll give it some thought. I have a blog post about doing this sort of stuff with Node coming up and this came up while researching it.

If I do this project, I'm using https://github.com/keichi/binary-parser which greatly simplifies things for parsing ethernet frames, IP, TCP, etc.

kunklejr commented 9 years ago

That's fine with me. Seems like a nice library to retrofit the existing code with too.

megastef commented 9 years ago

Did anybody work on pcap-ng?

kunklejr commented 9 years ago

Not that I'm aware of. @waywardmonkeys talked about looking into it but I don't know if he's had a chance to do it.