File ptcpdump.spec of Package ptcpdump

Name:           ptcpdump
Version:        0.33.2
Release:        0.1.1
License:        MIT
URL:            https://github.com/mozillazg/ptcpdump
Source0:        ptcpdump-%{version}.tar.xz
Summary:        ptcpdump is a tcpdump-compatible packet analyzer powered by eBPF
BuildRequires:  go, autoconf, flex, bison, gcc, llvm, make, glibc-devel-static, unzip, clang, libpcap
Requires:       glibc
ExclusiveArch:      x86_64

%description
🔍 Process/container/pod-aware packet capture.
📦 Filter by: --pid (process), --pname (process name), --container-id (container), --pod-name (pod).
🎯 tcpdump-compatible flags (-i, -w, -c, -s, -n, -C, -W, -A, and more).
📜 Supports pcap-filter(7) syntax like tcpdump.
🌳 tcpdump-like output + process/container/pod context.
📑 Verbose mode shows detailed metadata for processes and containers/pods.
💾 PcapNG with embedded metadata (Wireshark-ready).
🌐 Cross-namespace capture (--netns).
🚀 Kernel-space BPF filtering (low overhead, reduces CPU usage).
⚡ Container runtime integration (Docker, containerd).

%prep
%setup -q

%build
make build-bpf CARCH=x86_64 GOARCH=amd64
make build CARCH=x86_64 GOARCH=amd64

%install
mkdir -p %{buildroot}/usr/sbin/
install --mode=ug+rx,o-rx,ugo-w ptcpdump %{buildroot}/usr/sbin/ptcpdump
%files
%license LICENSE
/usr/sbin/ptcpdump

%changelog
* Mon May 12 2025 Thomas Rahimi <thomas.rahimi@mailbox.org>:
- Corrections to the build section