Hi,
given the dark abyss that packet dissection libraries available to Python are, I've just started a library to make the code beneath Wireshark's GUI available to Python. Wirepy is a foreign function interface to use Wireshark within Python as implemented by CPython and PyPy.
Working with dumpcap, wiretap, dissection of packets to protocol-trees and columns is usable but most of the more fine-grained functionality is not yet implemented. Also, a more pythonic API needs to be created atop the FFI.
While valgrind shows that about 35% of CPU time is spent in the Python interpreter, a single one of my laptop's cores can handle about 100mbit of traffic per second - not bad.
The code just matured to its own git repo and now lives at https://github.com/lukaslueg/wirepy
I'd be grateful for comments, passing the word, and contributions.
Best regards
Lukas