I am interested in starting an effort to create an interface between TCL and WinPCAP. First off, does anyone know of anything done in this area so far. SS 9Dec2004: You may want to check [hping3] at http://wiki.hping.org. Thanks for the link SS. Very interesting package. [Craig French] has decided to work on creating a Tcl Interface to WinPCAP in a windows environment. It is very much in an alpha state right now so check back to this page if you are interested. JN 12Feb2005: [Jose Nazario] has written a simple Tcl-pcap interface (dubbed [tcap]). It's written for UNIX but should be extendable to any POSIX pcap implementation. Tcap is a very minimal interface to pcap(3) for Tclers. ---- [MJ] - I am implementing a binding to WinPcap. Currently the extension can open network interfaces and dump files, receive packets and apply filters. It is functional enough to implement a tcpdump[http://www.tcpdump.org/] clone. Things to be done are cleanup of the code, testing on different Windows platforms and implementing packet transmission functionality. Project is hosted at [https://sourceforge.net/projects/tclwinpcap/]. '''DD''' - I noticed that it is currently not possible to determine the source/destination IP's and ports per every packet received, would it be possible to implement such functionality? [MJ] - Extraction of source and destination IP has been added in v0.4. This is not very robust, but should work fine for 'normal' IPv4 packets. I am not sure if I will add anything else because I don't see the use in rewriting something as ethereal. '''DD''' - The reason I asked for this feature, is that jpcap had a lot implemented. Ofcourse, when using raw packets it is fairly simple to code myself. Anyway, the IP address functionality is welcome, the source and destination ports need code on the protocol level (TCP/UDP). And it is understandable that you want to leave that part to the end user. ---- Other references: * WinPcap: The Windows Packet Capture Library[http://www.winpcap.org/] * WinDump: tcpdump for Windows[http://www.winpcap.org/windump/] * Relationship of WPCAP.DLL and PACKET.DLL[http://www.tcpdump.org/wpcap.html] * WinPcap Brings Unix Network Tools to Windows[http://www.oreillynet.com/pub/a/oreilly/security/news/securingnt2_1200.html] ---- [Category Networking] | [Category Windows]