🤖 AI Summary
mcpcap is a newly released open-source Python MCP (Model Context Protocol) server that lets LLMs read and analyze PCAP network captures through protocol-specific, stateless tools. It runs as a standalone MCP server (pip-installable, Python 3.10+), exposes analysis calls such as analyze_dns_packets, analyze_dhcp_packets and analyze_icmp_packets, and returns structured JSON shaped for LLM consumption. Packet parsing is done with scapy. Captures can be local files or remote PCAPs fetched over HTTP/HTTPS (downloaded to a temporary file that is cleaned up afterwards), and analysis of large captures can be capped by packet count. It integrates with MCP clients such as Claude Desktop and the MCP Inspector.
For AI/ML practitioners, mcpcap matters because it formalizes network forensics as LLM-callable tools with specialized prompts (security_analysis, forensic_investigation, network_troubleshooting, etc.), making it straightforward to run model reasoning over protocol-aware output. Its modular architecture (a BaseModule plus one module per protocol) simplifies adding new analyzers (HTTP, TCP, TLS and BGP are named as future candidates), and the stateless, JSON-first design gives predictable inputs and outputs for chain-of-thought prompting, tool-using agents, or automated threat-detection workflows. Practical cautions: PCAPs often contain sensitive data (credentials, internal hostnames, payloads), so treat both the capture and the model's output accordingly; remote captures should come only from trusted sources and be fetched over HTTPS. Contributors are invited to extend analysis and detection features and to work on performance. Licensed MIT; key dependencies are scapy, requests, and fastmcp.
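To make the "stateless, JSON-first" tool pattern concrete, here is an added example, written for this summary and not mcpcap's own code: a minimal DNS analyzer that takes raw PCAP bytes and returns a JSON-serializable dict, honours a packet-count cap, and applies an HTTPS-plus-allowlist check before any remote capture would be fetched. It parses classic little-endian pcap, Ethernet, IPv4 and UDP headers with the standard library instead of scapy so it runs offline; the capture it analyzes is constructed in memory. The function names, the JSON field names, the `max_packets` parameter and the host allowlist are illustrative assumptions, not mcpcap's actual API.

```python
"""Added example: stateless DNS-query analyzer over PCAP bytes (stdlib only, not mcpcap code)."""
import json
import struct
from collections import Counter
from typing import Optional
from urllib.parse import urlparse

PCAP_MAGIC_LE = 0xA1B2C3D4      # classic pcap, little-endian, microsecond timestamps
ETHERTYPE_IPV4 = 0x0800
IPPROTO_UDP = 17
DNS_PORT = 53
QTYPE_NAMES = {1: "A", 5: "CNAME", 15: "MX", 16: "TXT", 28: "AAAA"}


def _encode_qname(name: str) -> bytes:
    """DNS wire-format name: length-prefixed labels terminated by a zero byte."""
    out = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.rstrip(".").split("."))
    return out + b"\x00"


def build_dns_query_frame(src_ip: str, dst_ip: str, qname: str, qtype: int = 1, txid: int = 0x1234) -> bytes:
    """Constructed Ethernet/IPv4/UDP/DNS query frame for the sample capture (checksums left zero)."""
    dns = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + _encode_qname(qname) + struct.pack("!HH", qtype, 1)
    udp = struct.pack("!HHHH", 40000, DNS_PORT, 8 + len(dns), 0) + dns
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 1, 0, 64, IPPROTO_UDP, 0,
                     bytes(map(int, src_ip.split("."))), bytes(map(int, dst_ip.split(".")))) + udp
    return b"\x00" * 12 + struct.pack("!H", ETHERTYPE_IPV4) + ip   # MAC addresses zeroed


def build_pcap(frames) -> bytes:
    """Classic pcap file: 24-byte global header, then a 16-byte record header per frame."""
    header = struct.pack("<IHHiIII", PCAP_MAGIC_LE, 2, 4, 0, 0, 65535, 1)   # linktype 1 = Ethernet
    records = b"".join(struct.pack("<IIII", 1700000000 + i, 0, len(f), len(f)) + f
                       for i, f in enumerate(frames))
    return header + records


def _decode_qname(data: bytes, offset: int):
    labels = []
    while True:
        length = data[offset]
        if length == 0:
            return ".".join(labels), offset + 1
        if length & 0xC0:   # compression pointer; not expected in a question section, stop safely
            return ".".join(labels) + ".<ptr>", offset + 2
        offset += 1
        labels.append(data[offset:offset + length].decode("ascii", "replace"))
        offset += length


def _parse_dns_query(frame: bytes):
    """Return (src, dst, txid, qname, qtype) for a UDP/53 DNS query frame, else None."""
    if len(frame) < 54 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
        return None
    ihl = (frame[14] & 0x0F) * 4
    if frame[14 + 9] != IPPROTO_UDP:
        return None
    src = ".".join(str(b) for b in frame[26:30])
    dst = ".".join(str(b) for b in frame[30:34])
    udp_off = 14 + ihl
    sport, dport = struct.unpack("!HH", frame[udp_off:udp_off + 4])
    if DNS_PORT not in (sport, dport):
        return None
    dns = frame[udp_off + 8:]
    if len(dns) < 12:
        return None
    txid, flags, qdcount = struct.unpack("!HHH", dns[:6])
    if flags & 0x8000 or qdcount == 0:   # QR bit set means response; skip those and empty questions
        return None
    qname, off = _decode_qname(dns, 12)
    qtype = struct.unpack("!H", dns[off:off + 2])[0]
    return src, dst, txid, qname, qtype


def analyze_dns_packets(pcap_bytes: bytes, max_packets: Optional[int] = None) -> dict:
    """Stateless: bytes in, JSON-serializable dict out; no file handles or caches survive the call."""
    if struct.unpack("<I", pcap_bytes[:4])[0] != PCAP_MAGIC_LE:
        raise ValueError("unsupported capture format (expected little-endian classic pcap)")
    offset, examined, queries, truncated = 24, 0, [], False
    while offset + 16 <= len(pcap_bytes):
        if max_packets is not None and examined >= max_packets:
            truncated = True          # tell the model the view is partial rather than silently stopping
            break
        _, _, incl_len, _ = struct.unpack("<IIII", pcap_bytes[offset:offset + 16])
        frame = pcap_bytes[offset + 16:offset + 16 + incl_len]
        offset += 16 + incl_len
        examined += 1
        parsed = _parse_dns_query(frame)
        if parsed:
            src, dst, txid, qname, qtype = parsed
            queries.append({"src": src, "dst": dst, "txid": txid, "qname": qname,
                            "qtype": QTYPE_NAMES.get(qtype, str(qtype))})
    names = Counter(q["qname"] for q in queries)
    return {"protocol": "dns", "packets_examined": examined, "dns_queries": len(queries),
            "truncated": truncated, "top_names": names.most_common(5), "queries": queries}


def is_acceptable_remote_pcap(url: str, allowed_hosts: frozenset) -> bool:
    """Assumed policy: fetch only over HTTPS and only from an explicit host allowlist."""
    p = urlparse(url)
    return p.scheme == "https" and p.hostname in allowed_hosts


if __name__ == "__main__":
    sample = build_pcap([build_dns_query_frame("10.0.0.5", "10.0.0.1", "example.com"),
                         build_dns_query_frame("10.0.0.5", "10.0.0.1", "update.example.net", qtype=28),
                         build_dns_query_frame("10.0.0.7", "10.0.0.1", "example.com")])
    print(json.dumps(analyze_dns_packets(sample, max_packets=2), indent=2))
```

The `truncated` flag is the detail worth copying: when a packet cap cuts a capture short, the tool should say so in the JSON rather than let the model reason as if it had seen everything.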