Wireshark-dev: Re: [Wireshark-dev] Extending wireshark with Python

From: Sébastien Tandel <sebastien@xxxxxxxxx>
Date: Sat, 30 May 2009 18:31:10 -0300
Hi Guy,


   It is a version of the Python interpreter embedded into libwireshark, so all the Wireshark GUI should be available.

   For now, it is not possible to write a tap in Python. I've not yet analyzed how difficult it would be to add the "tap in Python" feature, but it is definitely on my TODO list. I know that it won't be so obvious because of the callbacks used and the global array defined for a tap.

For the technical and gory details:
   1) Callback functions defined in Python can't be passed as-is to libwireshark functions because they are in fact PyObjects. We therefore have to add a proxy layer in libwireshark using the C API of Python.
   2) Non-opaque C-like structures might be defined with ctypes in a Python tap, but within some limitations. I've not met one of these limitations until now and don't think there will be one with a tap.
   3) There are some other limitations with ctypes. In the best case, it demands some C code to avoid the limitation, and in the worst we could be unable to use some features. Fortunately, I've not yet encountered such a case with Wireshark! :)

All in all, my guess is that it is possible to add this feature since dissectors need some of these constructions too.

P.S.: I would like to add binpac within this Python interpreter. But after having read the paper and thought a bit about the grammar, I think they've used Haskell (or another pure functional language) for their compiler. Some grammar constructions are too close to functional programming, and it complicates a bit the implementation of a compiler in a non-pure functional language. (I would love to know whether I'm wrong or not ... ;))


 
Regards,
Sebastien Tandel

On Sat, May 30, 2009 at 16:57, Guy Harris <guy@xxxxxxxxxxxx> wrote:

On May 29, 2009, at 3:06 PM, Sébastien Tandel wrote:

>    These last weeks, I spent some time integrating Python into
> Wireshark and made the first commit today in the Wireshark trunk.
> This way, now, it is possible to write a dissector for Wireshark in
> Python. See http://wiki.wireshark.org/Python for documentation.

So is this

       Wireshark with an embedded version of the Python interpreter, so that all the Wireshark GUI is available

or

       a libwireshark module to be loaded into a stand-alone Python interpreter?

Is it possible to write a tap in Python?