[pcap-ng-format] Should we add the "ntartest.c" file and some sample pcapng files from the Wireshark Wiki pcapng page to the repository?
Guy Harris
guy at alum.mit.edu
Tue Aug 25 03:08:56 UTC 2015
The Wireshark Wiki page on pcapng:
https://wiki.wireshark.org/Development/PcapNg
has an attachment "ntartest.c" that's a small test program to read pcapng files:
"ntartest - a simplistic standalone pcapng (ntar) file reader
Included below is the C source code to a very simplistic program to read and dump header information about a pcapng (a.k.a. ntar) file. This program has been successfully compiled using gcc and used on several different types of systems including Linux, cygwin and Solaris 9."
https://wiki.wireshark.org/Development/PcapNg?action=AttachFile&do=view&target=ntartest.c
Should we add that to the pcapng repository? We might want to work on it to turn it into not only a pcapng dumper but a pcapng *verifier*, in order to, for example, verify the output of software writing pcapng files, as was requested in this Wireshark Q&A entry:
https://ask.wireshark.org/questions/44966/how-to-verifycheck-pcapng-format
We might also want to move some of the capture files attached to that Wireshark Wiki page to the repository for use as tests for pcapng readers.
More information about the pcap-ng-format
mailing list