Utilizing Wireshark Dissection Engine over IPC

retag add tags

Hello!

I was wondering if there's an existing open-source project that exposes Wireshark's dissection engine over IPC. I'm aware that it's possible to retrieve the dissection results from tshark via XML, but that might prove too slow for projects that have to deal with large amounts of traffic.

Ideally, on one end this wrapper would receive a stream of raw packets (libpcap format) and on the other end it'll send the resulting parsed data meta-struct.

I'm tempted to try to develop such a solution myself, but I wanted to verify that there isn't such an existing solution before I do so.

Thanks! Itay

Itayg

asked 2020-01-01 11:25:18 +0000, updated 2020-01-01 11:28:20 +0000

edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

Be the first one to answer this question!

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Utilizing Wireshark Dissection Engine over IPC edit

Comments

Be the first one to answer this question!

Utilizing Wireshark Dissection Engine over IPC