Possible future improvements in the future:
bi-direction capture
ipv6 ipFamily field in spec has a fixed value ipv4.
tcp flags filter
icmp echo/reply filter transportHeader struct to support icmp filters.
antctl support
capture both on source/target
Current issues:
captured file cannot be opened by tcpdump on mac, works on linux. ( Wireshark is fine on mac) (Fix PacketCapture pcapng file issue on macOS #6804
reading from PCAP-NG file pc-test-tcp.pcapng. tcpdump: pcap_loop: invalid packet capture length 74, bigger than snaplen of 524288
this is the error message shown when reading packets from tcpdump on mac. It works fine with linux and WIreshark(mac).
[Flaky test] TestPacketCapture e2e test #6815
Related to:
Add packetcatpure feature #6756 [Proposal] A new PacketSampling CRD #5443 
Possible future improvements in the future:
bi-direction capture
This was marked as a future improvement during the design stage. We could add a bool field in the spec to turn this on.
ipv6
currently the
ipFamilyfield in spec has a fixed valueipv4.tcp flags filter
icmp echo/reply filter
add new section in
transportHeaderstruct to support icmp filters.antctl support
download the pcap file directly from cli
capture both on source/target
users maybe want to check the diff.
Current issues:
this is the error message shown when reading packets from tcpdump on mac. It works fine with linux and WIreshark(mac).
Related to: