Sounds neat! You should probably be aware of Pyreshark [1] if you
aren't already. It provides an interface for writing dissectors in
Python and hooking them into the main engine, so I believe it's
complementary to your work. It may be worth collaborating with the
author, or even merging the two projects to provide a single unified
Python API.

Evan

[1] https://code.google.com/p/pyreshark/

P.S. As a general comment to the list, we really ought to remove the
old Python bindings from trunk since they are terribly out of date and
buggy at this point. Last time this came up it turned out some
packager (Red Hat?) was still using them so we left them in, but I
think they're probably doing more harm than good at this point...

On Sun, Jan 26, 2014 at 12:42 PM, Lukas Lueg <lukas.lueg@xxxxxxxxx> wrote:
> Hi,
>
> given the dark abyss that packet dissection libraries available to Python
> are, I've just started a library to make the code beneath Wireshark's GUI
> available to Python. Wirepy is a foreign function interface to use Wireshark
> within Python as implemented by CPython and PyPy.
>
> Working with dumpcap, wiretap, dissection of packets to protocol-trees and
> columns is usable but most of the more fine-grained functionality is not yet
> implemented. Also, a more pythonic API needs to be created atop the FFI.
>
> While valgrind shows that about 35% of CPU time is spent in the Python
> interpreter, a single one of my laptop's cores can handle about 100mbit of
> traffic per second - not bad.
>
> The code just matured to its own git repo and now lives at
> https://github.com/lukaslueg/wirepy
>
> I'd be grateful for comments, passing the word, and contributions.
>
> Best regards
> Lukas
>
> ___________________________________________________________________________
> Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> Archives: http://www.wireshark.org/lists/wireshark-dev