Sniffnet v1.4: it's 2X faster than Wireshark at processing PCAP files
10 months ago
- #network-monitoring
- #pcap
- #rust
- Sniffnet v1.4 is now available with major improvements and fixes.
- New feature: ability to process network data from PCAP files, enhancing compatibility with tools like Wireshark.
- PCAP file support enables inspection of historical data for troubleshooting and network forensics.
- Demonstrated processing speed: 1.6 GB PCAP file (2.6M packets) in ~25 seconds on an old MacBook Air.
- Sniffnet is 2.2x faster than Wireshark on the same machine and allows real-time data preview.
- Performance boost due to Rust programming language and minimal parsing of packet headers.
- New features include ARP protocol support, donut chart for traffic stats, and bogon IP tagging.
- Enhanced accessibility with new default themes and detailed notifications.
- Focus on extracting key packet header fields (IPs, ports, protocols) for efficiency.