WinPcap: a Packet Capture Architecture for Windows


WinPcap is an architecture for packet capture and network analysis for the Win32 platforms, based on the model of BPF and libpcap for UNIX. It includes a kernel-level packet filter driver, a low-level dynamic link library (packet.dll), and a high-level and system-independent library (libpcap, based on version 0.4a6).

The packet capture driver is a device driver that adds to Windows 95, Windows 98, Windows NT and Windows 2000 the ability to capture and send raw packets in a way very similar to the Berkeley Packet Filter of UNIX kernels. Packet.dll is an API that can be used to directly access the functions of the BPF driver. WinPcap exports a set of primitives that are compatible with libpcap, the famous UNIX capture library. It offers a set of higher-level functions to capture packets in a way independent of the underlying network hardware and operating system.

WinPcap is used by our tools WinDump and Analyzer (a network sniffer with graphical interface) to capture and handle the network traffic.

WinPcap is released under a BSD-style licence.

This work has been partially sponsored by Microsoft Research.

 

Release 2.02
30 Mar 2000

Version 2.02 is out! Updated Developer's pack available! Source code available!
This new release fixes some bugs in version 2.01 and offers improved capture performance. Moreover, it supports Windows 2000, it makes it possible to run multiple capture programs at the same time on Windows 95/98, and it optimizes the writing process on Windows NT/2000. The Developer's pack can be used to create capture applications using the packet capture library (libpcap) or the BPF packet driver directly. The Developer's pack now makes it possible to use version 2.02 of the BPF packet driver. In addition, there is a more complete and clearer selection of examples. The source code of version 2.02 of the full WinPcap project is available. This includes the BPF packet capture driver and libpcap for Windows.

Please send bug reports to winpcap@netgroup-serv.polito.it.

This product includes software developed by the University of California, Lawrence Berkeley Laboratory and its contributors.
Copyright notice.