Network Packet Analysis API

What is libpcap?:

The libpcap library can be used to read, record, inject and in general deal with network packets at a higher level than raw sockets. Essentially libpcap can be used to easily collect up or manipulate packets. Libpcap functions also abstract a lot of the differences between Operating Systems' network API making programs that leverage libpcap generally more portable or perhaps saving the programmer the headache of writing their own network API layer. This is not to say dealing with packets even with libpcap is easy; just slightly easier.

Tools that use libpcap : Wireshark, Tcpdump


1. Packet Reading with libpcap Part 1 -

2. On the Wire: Network Capture Tools for API Developers -