Utilizing Wireshark Dissection Engine over IPC

Hello!

I was wondering if there's an existing open-source project that exposes Wireshark's dissection engine over IPC. I'm aware that it's possible to retrieve the dissection results from tshark via XML, but that might prove too slow for projects that have to deal with large amounts of traffic.

Ideally, on one end this wrapper would receive a stream of raw packets (libpcap format) and on the other end it'll send the resulting parsed data meta-struct.

I'm tempted to try to develop such a solution myself, but I wanted to verify that there isn't such an existing solution before I do so.

Thanks! Itay
