Skip to content
/ ntar-reader Public

NTAR-Reader: Reader for Network Trace Archival and Retrieval

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

winking324/ntar-reader

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
include
include
 
 
src
src
 
 
test
test
 
 
.clang-format
.clang-format
 
 
.gitignore
.gitignore
 
 
CMakeLists.txt
CMakeLists.txt
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

ntar-reader

Reader for NTAR(Network Trace Archival and Retrieval).

Features

Block types:

BlockType BlockName Status
0x00000001 Interface Description Block
0x00000002 Packet Block
0x00000003 Simple Packet Block
0x00000004 Name Resolution Block
0x00000005 Interface Statistics Block
0x00000006 Enhanced Packet Block
0x0000000A Decryption Secrets Block
0x00000BAD Custom Block(Copiable)
0x40000BAD Custom Block
0x0A0D0D0A Section Header Block

Others:

  1. ✅ multiple SHB sections.
  2. ✅ multiple SHB sections of different endianness.
  3. ✅ packet data not padded to 32bits.
  4. ❎ multiple SHB sections of different padding(32bits).

Refer to

About

NTAR-Reader: Reader for Network Trace Archival and Retrieval

Topics

network reader wireshark pcapng ntar

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages