[Bro] [Fwd: [tcpdump-workers] [ANNOUNCE] NTAR - PCAP next generation dump file format implementation]
christian at whoop.org
Sun Jun 26 15:53:41 PDT 2005
I'm forwarding this from the tcpdump-workers list since it's of interest
to various folks around here.
-------- Forwarded Message --------
> From: Gianluca Varenni <gianluca.varenni at gmail.com>
> Reply-To: tcpdump-workers at lists.tcpdump.org
> To: winpcap-users at winpcap.org, tcpdump-workers at lists.tcpdump.org,
> Ethereal development <ethereal-dev at ethereal.com>
> Subject: [tcpdump-workers] [ANNOUNCE] NTAR - PCAP next generation dump
> file format implementation
> Date: Sat, 25 Jun 2005 17:15:34 -0700
> Hi all.
> This mail is to announce the birth of the NTAR project. NTAR stands for
> Network Trace Archival and Retrieval library, and is an implementation of
> the PCAP next generation dump file format, that was proposed and discussed
> last year by several folks on the libpcap/tcpdump and WinPcap mailing lists.
> The library is released under the 3-clause/BSD license.
> The URL of the project is:
> On this website you can find
> - the source file of the library (both for windows and *nix)
> - the HTML documentation of the API (generated with doxygen from the
> commented source files), both for the user and for someone wanting to
> extend it. The docs contain some tests/examples that you can look to
> get an idea of how the library works.
> - An updated version of the PCAP draft specifying the file format.
> The original draft of the file format is available at
> I'm seeking contributors to improve the library in terms of
> - testing the library on different platforms and operating systems
> - reviewing the API
> - implementing new extensions to the library.
> A mailing list, ntar-workers at winpcap.org, has been created for NTAR-related
> discussions. People interested in this project are welcome to join it, the
> mailman web interface to subscribe is available at
> Have a nice day
> Gianluca Varenni
More information about the Bro