The libpcap examples we have demonstrated so far have been in C, as the libpcap library is a C library. However, many interfaces and wrappers to libpcap exist for higher-level languages, such as Perl and Python. Using a high-level language has a number of advantages for developers not familiar with C, and for developers looking to quickly throw together a tool that works, without necessarily requiring it to be robust, scalable, or even stable. A tool written in Perl or Python is generally a lot smaller than an equivalent tool written in C.

Using a high-level language can also have some disadvantages, in that less commonly used functionality and new functionality within libpcap might not be supported properly, or even at all. Also, high-level languages are not a realistic option for tools requiring high throughput of packet processing, so you would not want to write a network IDS in a high-level language.

For the Perl scripting language, the package for libpcap is called Net::Pcap . If a Net::Pcap package is not available for your Linux distribution, you should be able to install Net::Pcap as follows:

               perl -MCPAN -e 'install Net::Pcap'

This downloads the source code for the package and automatically builds the package in most cases. If you are using Windows, your install process might be different. The functions in Net::Pcap are very similar to the C functions, as are the parameters passed to the functions. Documentation of these functions is available on the module’s ...