Assume we capture packets with the C API of libpcap. Is it efficient to parse some payload strings with string search strstr() in line speed (e.g. Mbps/Gbps)? For example strstr(payload,"User-Agent");
Would it be more efficient to do it with a regular expression pattern matching library, such as libpcre?
If we want to do that only for HTTP header arguments, is there any C API? It is not clear to me if libcurl can do that... thank you in advance.