[tor-dev] Python bindings for wireshark
lukas.lueg at gmail.com
Sat Jan 25 19:29:49 UTC 2014
Damian suggested to post this to the entire list: Given the dark abyss that
packet dissection libraries available to Python are, I've just started a
foreign function interface to Wireshark. Wirepy aims to make the most
useful features of Wireshark - more than 1.400 protocols supported in
current svn, endless extra information through taps / session
reconstruction, wide platform support - available to Python code. Wirepy
uses the libraries underneath the Wireshark GUI directly and can - in
principle - do anything Wireshark does.
The library is compatible to Python3 (python2 may work but untested / don't
care) and PyPy. It just matured to it's own git repo and is just good
enough to capture and dissect traffic with close-to-metal code.
While valgrind shows that about 35% of cpu time is spent in the Python
interpreter, a single of my laptop's cores can handle about 100mbit of
traffic per second - *much* more than other python libraries. Multiple cpu
cores can easily be used by help of the multiprocessing module.
The code now lives at https://github.com/lukaslueg/wirepy
I'd be grateful for comments, passing the word, and contributions.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the tor-dev