1.. SPDX-License-Identifier: BSD-3-Clause 2 Copyright(c) 2021 Microsoft Corporation 3 4Packet Capture Next Generation Library 5====================================== 6 7Exchanging packet traces becomes more and more critical every day. 8The de facto standard for this is the format define by libpcap; 9but that format is rather old and is lacking in functionality 10for more modern applications. 11The `Pcapng file format`_ is the default capture file format 12for modern network capture processing tools 13such as `wireshark`_ (can also be read by `tcpdump`_). 14 15The Pcapng library is a an API for formatting packet data 16into a Pcapng file. 17The format conforms to the current `Pcapng RFC`_ standard. 18It is designed to be integrated with the packet capture library. 19 20Usage 21----- 22 23Before the library can be used, the function ``rte_pcapng_init`` 24should be called once to initialize timestamp computation. 25 26The output stream is created with ``rte_pcapng_fdopen``, 27and should be closed with ``rte_pcapng_close``. 28 29The library requires a DPDK mempool to allocate mbufs. 30The mbufs need to be able to accommodate additional space 31for the pcapng packet format header and trailer information; 32the function ``rte_pcapng_mbuf_size`` should be used 33to determine the lower bound based on MTU. 34 35Collecting packets is done in two parts. 36The function ``rte_pcapng_copy`` is used to format and copy mbuf data 37and ``rte_pcapng_write_packets`` writes a burst of packets to the output file. 38 39The function ``rte_pcapng_write_stats`` can be used 40to write statistics information into the output file. 41The summary statistics information is automatically added 42by ``rte_pcapng_close``. 43 44.. _Tcpdump: https://tcpdump.org/ 45.. _Wireshark: https://wireshark.org/ 46.. _Pcapng file format: https://github.com/pcapng/pcapng/ 47.. _Pcapng RFC: https://datatracker.ietf.org/doc/html/draft-tuexen-opsawg-pcapng 48