Hi Cedric,
> Looks very similar to : > > http://github.com/securactive/junkie > > Is the intention of junkie to follow TCP streams and reassemble complete HTTP requests/responses from the packets? How far is this implemented? > if you can live with the AGPL, maybe we could join forces ? > At first sight it sounds tempting, as I have no intention to re-invent the wheel again. Though, the project "libnids" already seems to follow TCP streams and fully re-assemble HTTP requests/responses. Though, in some of our side-projects we need to follow TCP streams with truncated packets and libnids is not designed for this. It would be nice to use one solution for all our projects, and maybe junkie could solve this. Cheers, Andrej - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
