This is an automated archive made by the Lemmit Bot.

The original was posted on /r/rust by /u/rikonaka on 2025-04-25 03:40:53+00:00.

First of all, I would like to thank the developers of libpnet. Without your efforts, these two software would not exist.

Secondly, I used rust to implement the pcapture library by myself, instead of directly encapsulating libpcap.

xxpdump repo link. pcapture repo link.

In short, xxpdump solves the following problems.

• The filter implementation of tcpdump is not very powerful.
• The tcpdump does not support remote backup traffic.

It is undeniable that libpcap is indeed a very powerful library, but its rust encapsulation pcap seems a bit unsatisfactory.

In short, pcapture solves the following problems.

The first is that when using pcap to capture traffic, I cannot get any data on the data link layer (it uses a fake data link layer data). I tried to increase the executable file’s permissions to root, but I still got a fake data link layer header (this is actually an important reason for launching this project).

Secondly, this pcap library does not support filters, which is easy to understand. In order to implement packet filtering, we have to implement these functions ourselves (it will be very uncomfortable to use).

The third is that you need to install additional libraries (libpcap & libpcap-dev) to use the pcap library.

Then these two softwares are the products of my 20% spare time, and suggestions are welcome.