中文摘要：

libpcap数据包捕获函数库提供数据包捕获、过滤等上层API,目前广泛被网络协议分析、入侵检测等数据包处理系统使用.多核、多CPU通用计算平台为数据包的高速处理提供可能,但libpcap提供的单线程机制难以充分利用多核、多CPU平台的并行计算能力.设计并实现了一种支持多线程的libpcap：libpcap-MT.libpcap-MT在内核态进行高效的数据包分发,采用无锁的多缓存队列允许多线程同时读取数据包,提供灵活的数据包分发策略,接口与libpcap保持兼容.实验结果表明,使用libpcap-MT能够快速地将现有的系统多线程化,并且具有更好的性能和可扩展性.

英文摘要：

libpcap is a packet capture library providing the upper APIs for packet capture,filter and other functionalities,and being used widely in network protocol analysis,intrusion detection and other packet processing systems.It is feasible to perform high-speed packet processing with multi-core and multi-CPU architecture on general purpose computing platform,but it is difficult to take full advantage of the capability of multi-core and multi-CPU for applications based on libpcap because of its single thread model.In this paper,we design and implement a multi-thread packet capture library named libpcap-MT based on libpcap.libpcap-MT can capture and dispatch packets to multiple buffer queues very efficiently in kernel mode.In kernel capturing and dispatching reduces synchronization and memory copy overhead.Lockless multiple buffer queuing allows kernel and threads write and read packets in parallel.libpcap-MT provides a flexible dispatching strategy description method like C language.Its API extends libpcap＇s API with multi-thread operations and is compatible.Each thread can register with a buffer queue and get packets by traditional read（） to copy from it,or mmap（） to setup memory map then access the packet directly.Experimental results also indicate that it is easy to migrate current systems to multi-thread model with better performance and scalability using libpcap-MT.