libpcap
E484050
libpcap is a widely used packet capture library and file format for recording and analyzing network traffic across various tools and platforms.
Statements (49)
| Predicate | Object |
|---|---|
| instanceOf | file format, packet capture library, software library |
| category | network protocol analyzer component, networking software |
| distribution | commonly included in Unix-like OS distributions |
| fileFormatExtension | .pcap |
| fileFormatType | binary capture file |
| hasSuccessorFormat | pcapng |
| inspired | Npcap, WinPcap |
| license | BSD-style license |
| maintainedBy | tcpdump.org project |
| operatingSystem | BSD, Linux, Unix-like systems, macOS |
| programmingLanguage | C |
| providesAPI | pcap_compile, pcap_datalink, pcap_dump, pcap_loop, pcap_next_ex, pcap_open_live, pcap_open_offline, pcap_setfilter |
| supportsFeature | BPF filtering, link-layer header parsing, live packet capture, offline packet analysis, timestamping of packets |
| supportsLinkLayer | Ethernet, IEEE 802.11, Linux cooked capture, Loopback, PPP, VLAN |
| usedBy | Bro, Snort, Suricata, Tshark, Wireshark, Zeek, tcpdump |
| usedFor | intrusion detection, network forensics, network traffic analysis, network troubleshooting, protocol development |
Referenced by (2)