Welcome!

This is the official web site of tcpdump, a powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture.

In this page, you'll find the latest stable version of tcpdump and libpcap, as well as current development snapshots, a complete documentation, and information about how to report bugs or contribute patches.

Documentation

Full documentation is provided with the source packages in man page format. People with Windows distributions are best to check the Windows PCAP page for references to WinDUMP. What follows are the man pages formatted in HTML (using man2html) and some tutorials written by external contributors.

Latest Releases

Tcpdump

Version: 4.9.1
Release Date: July 23, 2017

Libpcap

Version: 1.8.1
Release Date: October 25, 2016

Version 1.8.0 was partially released in August 2016, but was withheld along with tcpdump 4.8.0.

Old Releases

Tcpdump

Version: 4.8.1
Release Date: October 25, 2016

Version 4.8.0 was partially released in August 2016, but was withheld due to outstanding security patches.

Version: 4.7.4
Release Date: April 22, 2015

Version 4.7.0 was partially released in December 2014, for security patches, but never properly released. tcpdump 4.7.1 was cycled with errors. tcpdump 4.7.2 was released 2015-03-10, but had build issues on FreeBSD. tcpdump 4.7.3 was released 2015-03-11. tcpdump 4.7.4 was released 2015-04-22.

Libpcap

Version: 1.7.4
Release Date: June 26, 2015

Version 1.7.0 was partially released in December 2014, along with tcpdump 1.7.0, but was never properly released. libpcap 1.7.1 was cycled with errors. libpcap 1.7.2 was released 2015-03-11. libpcap 1.7.3 was released 2015-04-22.

Old releases can be found at the release archive. Every release is provided with its corresponding PGP signature file (tcpdump.org signing key).

Current Development Versions

The current development versions are freely accessible through the GitHub Git site. tcpdump can be found at GitHub: tcpdump and libpcap can be found at GitHub: libpcap. You can clone the tcpdump GitHub repository using

    git clone https://github.com/the-tcpdump-group/tcpdump.git
            
and can clone the libpcap GitHub repository using
    git clone https://github.com/the-tcpdump-group/libpcap.git
            
You can then configure and compile the source via the normal GNU autoconf method.

You are also encouraged to submit patches in the form of git trees hosted on GitHub or elsewhere.

The continuous integration systems below automatically build the current development versions of tcpdump and libpcap:

Mirrors

There are some mirrors of this page that might be closer to you, or just generally faster.

Mailing List

There is currently one working mailing list:

tcpdump-workers
This list is focused on development, it also receives announcements. Subscribe by sending an e-mail to tcpdump-workers-request@lists.tcpdump.org with the phrase "subscribe tcpdump-workers" as body and subject, or through the web interface. The list archive from October 2014 onwards can be accessed here. A deeper archive can be found here. Posts to this list must originate from the subscriber's address.

Security

Email to report security issues: security@tcpdump.org

Patches, Bug Reports and Feature Requests

Bugs and patches are tracked through GitHub. Please submit them using the following resources:

For libpcap (please read the guidelines for contributing first):

  • Submit bugs and feature requests on the issue tracker.

  • Submit patches by forking the branch at GitHub: libpcap and issuing a pull request.

For tcpdump (please read the guidelines for contributing first):

  • Submit bugs and feature requests on the issue tracker.

  • Submit patches by forking the branch at GitHub: tcpdump and issuing a pull request.

github.com

How to Contribute

Tcpdump and libpcap are open source software and anyone can make contributions. Basically we need people to:

  • Download and test versions of libpcap and tcpdump on their platform
  • Contribute code
  • Maintain web pages (less important now)
  • Maintain binary/RPM packages

If you want to contribute, please subscribe to the tcpdump-workers mailing list. It's a good idea to discuss bugfixes and new feature additions in advance, because the changes may have bigger implications than you think and your patch may not get accepted.