Welcome!

This is the home web site of tcpdump, a powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture.

Here you can find the latest stable version of tcpdump and libpcap, as well as current development versions, a complete documentation, and information about how to report bugs or contribute patches.

Documentation

The man pages and other documentation within releases and current development versions usually contain the most up to date information. Below you can find online versions of some of these documents, as well as tutorials and in-depth papers written by various authors.

tcpdump

libpcap

Latest Releases

tcpdump

Version: 4.99.1
Release Date: June 9, 2021
Download: tcpdump-4.99.1.tar.gz (change log) (PGP signature and key)

This release contains work in progress to redo how buffer overruns are handled. The next major release will be 5.0, and will aim to replace all of ND_TCHECK_ and most of ND_TTEST_ legacy macros with the new GET_ macros, but this is taking longer than planned. Meanwhile no new code with the legacy macros will be accepted. This tcpdump release requires libpcap 1.10.1 in order to pass all test cases.

libpcap

Version: 1.10.1
Release Date: June 9, 2021
Download: libpcap-1.10.1.tar.gz (change log) (PGP signature and key)

Current Development Versions

The current development versions are freely accessible through the GitHub Git hosting site (tcpdump, libpcap). You can clone these repositories with the following commands:

git clone https://github.com/the-tcpdump-group/tcpdump
git clone https://github.com/the-tcpdump-group/libpcap

A read-only git mirror of all project repositories is available here in case anyone needs it. After cloning the git repositories you can configure and compile the source via either GNU Autoconf or CMake. There is various continuous integration involved in the development process.

Mailing List

tcpdump-workers
This list is focused on development, it also receives announcements. Subscribe by sending an e-mail to tcpdump-workers-request@lists.tcpdump.org with the phrase "subscribe tcpdump-workers" as body and subject, or through the web interface. The list archive from October 2014 onwards can be accessed here. A deeper archive can be found here. Posts to this list must originate from the subscriber's address.

Patches, Bug Reports and Feature Requests

Please use GitHub as follows:

  • Read the guidelines for contributing (tcpdump, libpcap).
  • Submit bug reports and feature requests using the issue tracker (tcpdump, libpcap).
  • Submit patches by forking the repository (tcpdump, libpcap) and opening a pull request.

How to Contribute

tcpdump and libpcap are open source software and anyone can make contributions. You can help by:

  • downloading and testing libpcap and tcpdump on your platform
  • contributing code
  • proofreading the documentation and the man pages
  • providing .pcap files for protocols or protocol features that tcpdump supports, but does not test yet
  • helping to improve the continuous integration scripts and infrastructure

If you want to contribute, please subscribe to the tcpdump-workers mailing list. It's a good idea to discuss bugfixes and new feature additions in advance, because the changes may have bigger implications than you think and your patch may not get accepted.

License

tcpdump and libpcap are under a 3-clause BSD license. While the current authors have no objection to converting to a 2-clause BSD license, the number of contributors that would need to agree makes this change unpracticable.