I am interested in starting an effort to create an interface between TCL and WinPCAP.  

First off, does anyone know of anything done in this area so far.

SS 9Dec2004: You may want to check [hping3] at http://wiki.hping.org.

Thanks for the link SS.  Very interesting package.

[Craig French] has decided to work on creating a Tcl Interface to WinPCAP in a windows environment.  It is very much in an alpha state right now so check back to this page if you are interested.

JN 12Feb2005: [Jose Nazario] has written a simple Tcl-pcap interface (dubbed [tcap]). It's written for UNIX but should be extendable to any POSIX pcap implementation. Tcap is a very minimal interface to pcap(3) for Tclers.
----
[MJ] - I am implementing a binding to WinPcap.
Currently the extension can open network interfaces and dump files, receive packets and apply filters.
It is functional enough to implement a tcpdump[http://www.tcpdump.org/] clone.
Things to be done are cleanup of the code, testing on different Windows platforms and implementing packet transmission functionality. Project is hosted at [https://sourceforge.net/projects/tclwinpcap/].

'''DD''' - I noticed that it is currently not possible to determine the source/destination IP's and ports per every packet received, would it be possible to implement such functionality?
----
Other references:
   * WinPcap: The Windows Packet Capture Library[http://www.winpcap.org/]
   * WinDump: tcpdump for Windows[http://www.winpcap.org/windump/]
   * Relationship of WPCAP.DLL and PACKET.DLL[http://www.tcpdump.org/wpcap.html]
   * WinPcap Brings Unix Network Tools to Windows[http://www.oreillynet.com/pub/a/oreilly/security/news/securingnt2_1200.html]

----
[Category Networking] | [Category Windows]