RPCAP captures packets remotely through a system.
The server (or agent) is a standalone executable program that captures network traffic on a remote system using the libpcap packet capture library. On the other hand, the client is a library called librpcap, which is linked to a user program and used to receive and process the packets captured by the server. The librpcap client library exposes a subset of the pcap API as defined in the pcap (3) manpage, making it easy to use in any program that uses libpcap functions.
Rpcap's API functions as a set of pcap-compatible wrapper functions over a Sun RPC interface to the remote server. This method invokes the corresponding libpcap functionality on the server. However, it is worth noting that rpcap has been tested only on Linux on Intel platforms. Nevertheless, it should build in any UNIX-like system that supports multithreading and has the RPC libraries and utilities available.
While there may be a couple of bugs in the code that restrict it to little-endian systems, the developer promises to fix these soon.
This release of RPCAP comes with new features, including v.0.23 alpha, added GNU autotools-based build (autconf/automake/libtool), and pcap_compile fixed to accept null strings for tcpdump compatibility. Additionally, the code is now tcpdump compatible, allowing tcpdump to build against librpcap. There is also a port of tcpdump to rpcap, making this software a fantastic addition to your system.
Version 0.23: N/A