[ntar-workers] Re: [tcpdump-workers] [ANNOUNCE] NTAR - PCAP next generation dump file format implementation

Stephen Donnelly stephen at endace.com
Mon Jun 27 01:16:08 GMT 2005 

I'm a bit confused about naming. How does NTAR stand with respect to libpcap?

Is it in fact libpcap 1.0? Or just an independent implementation of the 
proposed/agreed format for 'libpcap-ng'?

Can NTAR read 'old' format libpcap traces?

What's next for libpcap development, is there the intent for a new version 
of libpcap to also process the new format? Independently of NTAR? With or 
without backwards compatibility at the file reading or API levels?

Thanks,
Stephen.

Gianluca Varenni wrote:
> Hi all.
> 
> This mail is to announce the birth of the NTAR project. NTAR stands for
> Network Trace Archival and Retrieval library, and is an implementation of
> the PCAP next generation dump file format, that was proposed and discussed
> last year by several folks on the libpcap/tcpdump and WinPcap mailing 
> lists.
> The library is released under the 3-clause/BSD license.
> 
> The URL of the project is:
> 
> http://www.winpcap.org/ntar
> 
> On this website you can find
> - the source file of the library (both for windows and *nix)
> - the HTML documentation of the API (generated with doxygen from the
>  commented source files), both for the user  and for someone wanting to
>  extend it. The docs contain some tests/examples that you can look to
>  get an idea of how the library works.
> - An updated version of the PCAP draft specifying the file format.
>  The original draft of the file format is available at
>     http://www.tcpdump.org/pcap/pcap.html
> 
> 
> 
> I'm seeking contributors to improve the library in terms of
> - testing the library on different platforms and operating systems
> - reviewing the API
> - implementing new extensions to the library.
> 
> A mailing list, ntar-workers at winpcap.org, has been created for NTAR-related
> discussions. People interested in this project are welcome to join it, the
> mailman web interface to subscribe is available at
> 
> https://www.winpcap.org/mailman/listinfo/ntar-workers
> 
> Have a nice day
> Gianluca Varenni
-- 
-----------------------------------------------------------------------
     Stephen Donnelly BCMS PhD           email: sfd at endace.com
     Endace Technology Ltd   	        phone: +64 7 839 0540
     Hamilton, New Zealand               cell:  +64 21 1104378
-----------------------------------------------------------------------

More information about the ntar-workers mailing list