-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathindex.html
88 lines (88 loc) · 3.78 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
---
title: Welcome to PcapPlusPlus web-site
layout: default
section: home
---
<h1>Welcome To PcapPlusPlus Web-site</h1>
<p>PcapPlusPlus is a multiplatform C++ network sniffing and packet parsing and crafting framework. It's meant to be lightweight, efficient and easy to use</p>
<h2>What makes PcapPlusPlus different from similar C++ wrappers for libpcap/WinPcap?</h2>
<ul>
<li>Designed to be lightweight and efficient (see <a href="benchmark.html">benchmark results</a>)</li>
<li>Support for <strong>DPDK</strong> fast packet processing engine which enables packet capturing and transmition in line rate using kernel bypass</li>
<li>Support for ntop's <strong>PF_RING</strong> packet capturing engine that dramatically improves the packet capture speed</li>
<li>Support for parsing and editing of many protocols, including L7 protocols like HTTP and SSL/TLS</li>
<li>Unique implementation of <strong>TCP reassembly</strong> logic which includes support of TCP retransmission, out-of-order TCP packets and missing TCP data</li>
<li>Support for Remote Capture capabilities on Windows (using RPCAP protocol supported in WinPcap)</li>
<li>Support for reading and writing <strong>PCAPNG</strong> files (a lot more more than currently supported in WinPcap/libpcap)</li>
<li>Vast object-oriented filtering mechanism that makes libpcap filters a lot more user-friendly (no need to know the exact filter string to use)</li>
</ul>
<h2>PcapPlusPlus is multi-platform!</h2>
<p>PcapPlusPlus is currently supported on <strong>Windows</strong>, <strong>Linux</strong> and <strong>Mac OS X</strong>. It was tested on the follwoing platforms:</p>
<h6><strong>Windows</strong></h6>
<ul>
<li>Microsoft Visual Studio 2015 - x86 (32-bit) & x64 (64-bit) configurations</li>
<li>MinGW32 - x86 (32-bit) configuration only</li>
<li>MinGW-w64 - x86 (32-bit) configuration only</li>
</ul>
<h6><strong>Linux</strong></h6>
<ul>
<li>Ubuntu (12.04 LTS, 14.04 LTS, 16.04 LTS, 18.04 LTS)</li>
<li>Fedora 26</li>
<li>CentOS 7</li>
<li>It should work on other Linux distributions as well</li>
</ul>
<h6><strong>Mac OS X</strong></h6>
<ul>
<li>Yosemite (10.10)</li>
<li>El Capitan (10.11)</li>
<li>Sierra (10.12)</li>
<li>High Sierra (10.13)</li>
</ul>
<h2>Supported packet capture engines</h2>
<p>PcapPlusPlus currently works with the following packet capture engines:</p>
<ul>
<li>libpcap live capture (on Linux and Mac OS X)</li>
<li>WinPcap live capture (on Windows)</li>
<li>ntop's Vanilla PF_RING engine (on Linux)</li>
<li>Intel DPDK engine (on Linux)</li>
<li>WinPcap Remote live capture (on Windows)</li>
<li>PCAP and PCAPNG file devices (reading and writing)</li>
</ul>
<h2 id=supported-protocols>Supported protocols</h2>
<p>The Packet++ library currently supports parsing, editing and creation of packets of the following protocols:</p>
<ul>
<li>Ethernet</li>
<li>SLL (Linux cooked capture)</li>
<li>Null/Loopback</li>
<li>Raw IP (IPv4 & IPv6)</li>
<li>IPv4</li>
<li>IPv6</li>
<li>ARP</li>
<li>VLAN</li>
<li>VXLAN</li>
<li>MPLS</li>
<li>PPPoE</li>
<li>GRE</li>
<li>TCP</li>
<li>UDP</li>
<li>ICMP</li>
<li>IGMP (IGMPv1, IGMPv2 and IGMPv3 are supported)</li>
<li>SIP</li>
<li>SDP</li>
<li>RADIUS</li>
<li>DNS</li>
<li>DHCP</li>
<li>HTTP headers (request & response)</li>
<li>SSL/TLS - parsing only (no editing capabilities)</li>
<li>Packet trailer (a.k.a footer or padding)</li>
<li>Generic payload</li>
</ul>
<h2 id=packet-and-network-utils>Packet And Network Utilities</h2>
<ul>
<li>TCP reassembly logic</li>
<li>IPv4 reassembly logic (a.k.a IPv4 de-fragmentation)</li>
<li>Packet hash key creation (by 5-tuple and 2-tuple)</li>
<li>Retrieve remote machine MAC address using ARP protocol</li>
<li>Retrieve host IPv4 address by using DNS protocol</li>
<li>Checksum calculation</li>
</ul>