Hi, I'm a new user of libpcap.
I am writing a program that is intended to monitor the requests made to a server from various clients. I am using libpcap to capture all packets directed to the server's IP and need to parse the _payload_ of the TCP stream (i.e. isolate the application protocol messages, discarding TCP retransmissions). I am currently parsing the TCP header using sequence/ack fields to detect retransmissions and extract payload. Could one suggest a better approach to this?
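The sequence-number approach described in the post, as an added example that is not part of the original message: a per-direction tracker that drops retransmitted bytes, trims partial overlaps and survives 32-bit sequence wraparound. `struct stream` and `stream_feed` are hypothetical names; the example assumes the caller has already parsed the IP/TCP headers of each captured packet and selected the stream by 4-tuple and direction, and it reports out-of-order segments instead of queueing them.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* One direction of one TCP connection (hypothetical type for this example). */
struct stream {
    uint32_t next_seq;   /* next in-order sequence number expected */
    int      synced;     /* set once a starting sequence number is known */
    size_t   len;        /* payload bytes collected so far */
    uint8_t  buf[4096];  /* reassembled payload (fixed size for the example) */
};

/* Signed distance a - b, valid across sequence-number wraparound. */
static int32_t seq_diff(uint32_t a, uint32_t b) { return (int32_t)(a - b); }

/* Feed one segment. Returns the count of new payload bytes appended,
 * 0 for a pure retransmission or empty ACK, -1 for a gap (segment lies
 * ahead of next_seq; a full reassembler would queue it), -2 if buf is full. */
int stream_feed(struct stream *s, uint32_t seq, int syn,
                const uint8_t *data, size_t n)
{
    if (syn) {                          /* SYN consumes one sequence number */
        if (!s->synced) { s->next_seq = seq + 1; s->synced = 1; s->len = 0; }
        return 0;                       /* a retransmitted SYN is ignored */
    }
    if (!s->synced) { s->next_seq = seq; s->synced = 1; } /* capture began mid-stream */
    int32_t d = seq_diff(seq, s->next_seq);
    if (d > 0) return -1;               /* hole before this segment */
    size_t skip = (size_t)(-(int64_t)d); /* leading bytes already delivered */
    if (skip >= n) return 0;            /* nothing new: retransmission */
    data += skip; n -= skip;
    if (n > sizeof s->buf - s->len) return -2;
    memcpy(s->buf + s->len, data, n);
    s->len += n;
    s->next_seq += (uint32_t)n;
    return (int)n;
}

int main(void)
{
    static struct stream s;             /* constructed segments, not captured traffic */
    stream_feed(&s, 0xFFFFFFFDu, 1, NULL, 0);
    stream_feed(&s, 0xFFFFFFFEu, 0, (const uint8_t *)"GET ", 4);
    stream_feed(&s, 0xFFFFFFFEu, 0, (const uint8_t *)"GET ", 4);     /* retransmission */
    stream_feed(&s, 0x00000000u, 0, (const uint8_t *)"T /index", 8); /* 2-byte overlap */
    printf("%.*s\n", (int)s.len, (const char *)s.buf);
    return 0;
}
```

FIN handling and buffering of segments that arrive ahead of a hole are left out; a monitor that must not lose data needs both.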
