Tagged articles

libpcap

6 articles · Page 1 of 1
IT Niuke
Dec 30, 2023 · Operations

Mastering tcpdump: A Complete Guide to Command‑Line Packet Capture

This article provides a thorough walkthrough of tcpdump, covering installation on Ubuntu, essential command‑line options, practical filtering techniques, logical expressions, examples for saving and reading capture files, and how to combine tcpdump with Wireshark for deeper packet analysis.

Linux · Network Monitoring · command-line
24 min read
Qunar Tech Salon
Oct 19, 2021 · Databases

Design and Implementation of a MySQL Traffic Sniffer for Full‑stack Access Logging

This article describes the background, functional requirements, architecture, packet‑capture implementation using libpcap, MySQL protocol parsing, result processing, and storage strategy (Kafka + ClickHouse) of a custom MySQL sniffer developed at Qunar to provide complete database access logs for auditing, performance analysis, and operations.

ClickHouse · Database Auditing · MySQL
16 min read
Refining Core Development Skills
Sep 8, 2021 · Fundamentals

How tcpdump Captures Packets Inside the Linux Kernel

This article explains the internal mechanisms of tcpdump, showing how it registers a virtual protocol in the kernel's ptype_all list to intercept packets during both receive and transmit paths, how netfilter interacts with these paths, and provides guidance for building a custom packet‑capture program.

libpcap · netfilter · network debugging
10 min read
ITPUB
Nov 17, 2020 · Fundamentals

Understanding Linux Packet Capture Engines: libpcap, PF_RING, DPDK, and XDP

This article compares four classic Linux packet‑capture engines—libpcap (and its mmap variant), PF_RING, DPDK, and XDP—explaining their data‑flow architectures, copy operations, zero‑copy techniques, and typical use‑cases such as DDoS defense and high‑speed networking.

DPDK · Linux · PF_RING
9 min read