tcpflow  1.6.1
About: tcpflow is a TCP/IP packet demultiplexer that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis and debugging.
  Fossies Dox: tcpflow-1.6.1.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

be13 Namespace Reference

Classes

struct  ether_addr
 
struct  ether_header
 
struct  ip4_addr
 
struct  ip4
 
struct  ip4_dgram
 
struct  ip6_addr
 
struct  ip6_hdr
 
struct  ip6_dgram
 
struct  tcphdr
 
class  packet_info
 
struct  plugin
 

Typedefs

typedef uint32_t ip4_addr_t
 
typedef uint32_t tcp_seq
 

Detailed Description

bulk_extractor has a private implementation of IPv4 and IPv6, UDP and TCP.

We did this becuase we found slightly different versions on MacOS, Ubuntu Linux, Fedora Linux, Centos, Mingw, and Cygwin. TCP/IP isn't changing anytime soon, and when it changes (as it did with IPv6), these different systems all implemented it slightly differently, and that caused a lot of problems for us. So the BE13 API has a single implementation and it's good enough for our uses.