I was just thinking about writing a minimal traffic-analyzer and libpnet looks way more suitable for this task than libpcap.
And adding the functionality for a pcap like fileformat doesn't seem that difficult.
The filters are a major pain point, I don't know how libpcap handles this, but at least it says it won't copy packets from kernel- to userspace that are not matching. Thus avoiding alot of overhead, maybe it's possible to introduce some rusty kind of filtering in libpnet, too.
Going to log into Github now and see if I can do something.
And adding the functionality for a pcap like fileformat doesn't seem that difficult.
The filters are a major pain point, I don't know how libpcap handles this, but at least it says it won't copy packets from kernel- to userspace that are not matching. Thus avoiding alot of overhead, maybe it's possible to introduce some rusty kind of filtering in libpnet, too.
Going to log into Github now and see if I can do something.
EDIT: fixed spelling