Welcome!

This is the home web site of tcpdump, a powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture.

Here you can find the latest stable version of tcpdump and libpcap, as well as current development versions, a complete documentation, and information about how to report bugs or contribute patches.

Documentation

The man pages and other documentation within releases and current development versions usually contain the most up to date information. Below you can find online versions of some of these documents, as well as tutorials and in-depth papers written by various authors.

tcpdump

libpcap

Latest Releases

tcpdump

Version: 4.99.4
Release Date: April 7, 2023
Download: tcpdump-4.99.4.tar.xz (change log) (PGP signature and key)

This tcpdump release fixes an out-of-bounds write vulnerability (CVE-2023-1801) present in the previous release (4.99.3) in the SMB printer, which is not compiled by default. It also makes various minor improvements. This release requires libpcap 1.10.0 or later to pass all test cases.

libpcap

Version: 1.10.4
Release Date: April 7, 2023
Download: libpcap-1.10.4.tar.xz (change log) (PGP signature and key)

This libpcap release makes minor improvements to the build system, documentation and code style.

Current Development Versions

The current development versions are freely accessible through the GitHub Git hosting site (tcpdump, libpcap). You can clone these repositories with the following commands:

git clone https://github.com/the-tcpdump-group/tcpdump
git clone https://github.com/the-tcpdump-group/libpcap

A read-only git mirror of all project repositories is available here in case anyone needs it. After cloning the git repositories you can configure and compile the source via either GNU Autoconf or CMake. There is various continuous integration involved in the development process.

Mailing List

tcpdump-workers
This list is focused on development, it also receives announcements. Subscribe by sending an e-mail to tcpdump-workers-request@lists.tcpdump.org with the phrase "subscribe tcpdump-workers" as body and subject. A list archive, dating back to 2002-10-01, can be found here, and an archive dating back to 1999-10-18 can be found here. Posts to this list must originate from the subscriber's address.

Patches, Bug Reports and Feature Requests

Please use GitHub as follows:

  • Read the guidelines for contributing (tcpdump, libpcap).
  • Submit bug reports and feature requests using the issue tracker (tcpdump, libpcap).
  • Submit patches by forking the repository (tcpdump, libpcap) and opening a pull request.

How to Contribute

tcpdump and libpcap are open source software and anyone can make contributions. You can help by:

  • downloading and testing libpcap and tcpdump on your platform
  • contributing code
  • proofreading the documentation and the man pages
  • providing .pcap files for protocols or protocol features that tcpdump supports, but does not test yet
  • helping to improve the continuous integration scripts and infrastructure

If you want to contribute, please subscribe to the tcpdump-workers mailing list. It's a good idea to discuss bugfixes and new feature additions in advance, because the changes may have bigger implications than you think and your patch may not get accepted.

License

tcpdump and libpcap are under a 3-clause BSD license. While the current authors have no objection to converting to a 2-clause BSD license, the number of contributors that would need to agree makes this change unpracticable.