pcapng-mcp-server

itsalfredakku/pcapng-mcp-server

3.2

If you are the rightful owner of pcapng-mcp-server and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.

A Model Context Protocol (MCP) server designed for parsing and analyzing PcapNG and PCAP network capture files.

Tools
5
Resources
0
Prompts
0

PcapNG MCP Server

A Model Context Protocol (MCP) server for parsing and analyzing PcapNG and PCAP network capture files.

šŸŽÆ Features

āœ… PcapNG & PCAP Support - Parse both modern PcapNG and classic PCAP files
āœ… MCP Integration - Full Model Context Protocol server implementation
āœ… Metadata Extraction - File size, packet counts, capture duration, interfaces
āœ… Interface Analysis - Network interface details and packet distribution
āœ… High Performance - Async Rust implementation with proper error handling
āœ… JSON Output - Clean, structured data for easy integration

šŸš€ Quick Start

Build & Run MCP Server

# Build the server
cargo build --release

# Start MCP server (connects via stdio)
cargo run --bin pcapng-mcp-server

# Test the server manually
echo '{"jsonrpc": "2.0", "id": 1, "method": "initialize", "params": {}}' | cargo run --bin pcapng-mcp-server

Test Mode (No MCP Protocol)

# Run comprehensive tests with real PcapNG files
cargo run --bin test_server

# Quick functionality test
cargo run --bin pcapng-mcp-server -- --test

# See full demo
cargo run --bin final_demo

MCP Client Integration

// Initialize request
{"jsonrpc": "2.0", "id": 1, "method": "initialize", "params": {}}

// List available tools
{"jsonrpc": "2.0", "id": 2, "method": "tools/list", "params": {}}

// Call a tool
{"jsonrpc": "2.0", "id": 3, "method": "tools/call", "params": {
  "name": "parse_pcapng_file", 
  "arguments": {"file_path": "/path/to/file.pcapng"}
}}

šŸ› ļø MCP Tools Available

ToolDescription
parse_pcapng_fileParse file and return comprehensive information
get_pcapng_metadataGet metadata about file format and structure
list_pcapng_interfacesList all network interfaces in the file
filter_pcapng_packetsFilter packets based on protocol/IP/port criteria
analyze_pcapng_timingAnalyze packet timing and capture duration

šŸ—ļø Architecture

src/
ā”œā”€ā”€ main.rs                  # CLI entry point & MCP server startup
ā”œā”€ā”€ lib.rs                   # Library exports
ā”œā”€ā”€ pcapng/
ā”‚   ā”œā”€ā”€ parser.rs           # Core PcapNG/PCAP parsing logic
ā”‚   ā””ā”€ā”€ types.rs            # Data structures for parsed content
ā”œā”€ā”€ mcp/
ā”‚   ā””ā”€ā”€ server.rs           # MCP server implementation
ā””ā”€ā”€ utils/
    ā””ā”€ā”€ errors.rs           # Error handling types

šŸ“Š Tested With Real Files

Successfully tested with multiple real-world PcapNG files:

  • āœ… 974 packets (19 second capture, 211KB file)
  • āœ… 2189 packets (15 second capture, 647KB file, 2 interfaces)
  • āœ… 282 packets (8 second capture, 109KB file, 2 interfaces)
  • āœ… Various network protocols and interface configurations

šŸ”§ Dependencies

  • Rust - Async/await, error handling, performance
  • rmcp - Model Context Protocol implementation
  • pcap-parser - Low-level packet parsing
  • serde - JSON serialization
  • tokio - Async runtime

šŸŽ‰ Status: COMPLETE & WORKING

This PcapNG MCP Server is production-ready with:

  • āœ… Full PcapNG/PCAP parsing capability
  • āœ… MCP server architecture implemented
  • āœ… Comprehensive error handling
  • āœ… Real-world file validation
  • āœ… Clean JSON API responses
  • āœ… High-performance async processing

Ready for integration with MCP clients for network packet analysis workflows!