On Friday 20 May 2005 17:43, Michael Cohen wrote:
> Hi list,
> I have started writing a python binding to ethereal. At this stage it
> does mostly what I need but it would be good to incorporate it
> upstream once its more solid. I am using SWIG to generate the binding
> so in theory this should be easily extendible to perl although I dont
> do perl anymore.
Hi Michael, and the rest of the list,
I recently started the hawKeye project, a tool to help in network forensic
analysis by extracting content from a packet capture such as
- webpages complete with images, animations & frames
- telnet sessions in typescript format so they can be replayed
- IM conversations, etc...
Currently I'm still at the design phase, and I need to make choices like "what
libraries will hawKeye rely on". I quickly hacked together a proof of concept
based on libnids for stream reconstruction and getservent(3) for "protocol
detection", but it is clear that I won't go far with that.
Seeing Michael's email about Python bindings for libethereal, I felt the urge
to ask about bindings for libethereal in general:
Why is there no /usr/include/libethereal.h ?
As far I as understood from a glance at the million lines of Ethereal code and
at Michael's PyEthereal, currently the only way to interact with Ethereal is
to link against its source distribution... Wouldn't it be nice to make the
underlying engine generally available for other projects, since the
libethereal.so and libwiretap.so shared libraries exist already?
Best regards,
--
Sébastien Raveau
computer and network security student
head of the hawKeye network monitor project
http://hawkeye.sourceforge.net/
Attachment:
pgpRkVnXN9W2P.pgp
Description: PGP signature