In this chapter you will learn how to enable Ethereal to read from new data sources. Programming with libpcap is introduced. You will be able to read ASCII hex dump files into Ethereal. For a more integrated solution, you will be able to teach Ethereal to read and possibly write a new file format natively.

The most commonly used open source library for capturing packets from the network is libpcap, whose name is an abbreviation of packet capture library. Originally developed at the Lawrence Berkeley Laboratory, it is currently maintained by the same loosely knit group of people who maintain tcpdump, the venerable ...