Welcome!

This is the official web site of tcpdump, a powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture.

In this page, you'll find the latest stable version of tcpdump and libpcap, as well as current development snapshots, a complete documentation, and information about how to report bugs or contribute patches.

Documentation

Full documentation is provided with the source packages in man page format. People with Windows distributions are best to check the Windows PCAP page for references to WinDUMP. What follows are the man pages formatted in HTML (using man2html) and some tutorials written by external contributors.

Latest Release

Version: 4.6.1 / 1.6.1
Release Date: Jul 19, 2014

Version 4.6.0/1.6.0 revised for minor fixes discovered during rc process

Old Releases

Version: 4.5.1 / 1.5.3
Release Date: Nov 20, 2013/Dec 3, 2013/Jan 14, 2014

Version 4.5.0/1.5.0 revised for non-code edits and a crash fix in libpcap Version libpcap 1.5.1 revised for interop against Linux prior to 3.2.0 Version libpcap 1.5.2 revised for for further issues with TPACKET_V3 packet capture

Version: 4.4.0 / 1.4.0
Release Date: May 20, 2013

Version: 4.3.0 / 1.3.0
Release Date: June 12, 2012

Version: 4.2.1 / 1.2.1
Release Date: January 1, 2012

Version: 4.1.1 / 1.1.1
Release Date: April 5, 2010

If you can offer binary/RPM distributions, please contact tcpdump-workers@lists.tcpdump.org.

Release 4.1.0 / 1.1.0 had build issues on FreeBSD, and did not unpack into the expected directory. So a point release was made.

Old releases can be found at the release archive. Every release is provided with its corresponding PGP signature file. To download tcpdump.org signing key: [tcpdump-workers.asc]

TCPDUMP 4.0.0 / LIBPCAP 1.0.0

Version: 4.0.0 / 1.0.0
Release Date: October 27, 2008

Current Development Version

The current development version is freely accessible through the anonymous GIT server. To checkout a copy of libpcap or tcpdump, do:

git clone git://bpf.tcpdump.org/tcpdump

git clone git://bpf.tcpdump.org/libpcap

One can then configure and compile the source via the normal GNU autoconf method. You can also find a nightly update at git hub: libpcap and git hub: tcpdump and you are encouraged to do your initial clone from there:

git clone https://github.com/the-tcpdump-group/libpcap.git

git clone https://github.com/the-tcpdump-group/tcpdump.git

You are also encouraged to submit patches in the form of git trees hosted on github or elsewhere.

The continuous integration systems below automatically build the current development version of tcpdump/libpcap:

Mirrors

There are some mirrors of this page that might be closer to you, or just generally faster.

Mailing Lists

There are two mailing lists that have been set up:

tcpdump-announce
This list is for announcements only. Subscribe by sending an e-mail to tcpdump-announce-request@lists.tcpdump.org with the phrase "subscribe tcpdump-announce" as body and subject. The most recent messages can be accessed from gmane. Old archives can be found here.

tcpdump-workers
This list is focused on development. It will also receive announcements, so one need only subscribe to one list or the other. Subscribe by sending an e-mail to tcpdump-workers-request@lists.tcpdump.org with the phrase "subscribe tcpdump-workers" as body and subject, or through the web interface. The most recent messages can be accessed from gmane. Old archives can be found here. Posts to this list must originate from the subscriber's address.

Patches, Bug Reports and Feature Requests

Bugs and patches are tracked through GitHub. Please submit them using the following resources:

For libpcap:

  • Submit bugs and feature requests on the issue tracker.

  • Submit patches by forking the branch at GitHub: libpcap and issuing a pull request.

For tcpdump:

  • Submit bugs and feature requests on the issue tracker.

  • Submit patches by forking the branch at GitHub: tcpdump and issuing a pull request.

How to Contribute

Tcpdump and libpcap are open source software and anyone can make contributions. Basically we need people to:

  • Download and test versions of libpcap and tcpdump on their platform
  • Contribute code
  • Maintain web pages (less important now)
  • Maintain binary/RPM packages

If you want to contribute, please subscribe to the tcpdump-workers mailing list. It's a good idea to discuss bugfixes and new feature additions in advance, because the changes may have bigger implications than you think and your patch may not get accepted.