Promiscuous ports under Linux
Grant Edwards
grant.b.edwards at gmail.com
Thu May 4 14:04:02 EDT 2017
On 2017-05-04, Peter Pearson <pkpearson at nowhere.invalid> wrote:
> I'm curious to survey all my LAN traffic in various ways, and it seems
> likely that I will see phenomena that I don't understand, and focussing
> in on those phenomena is likely to require more flexible filtering
> than Wireshark can provide. I expect to leave this process running for
> maybe 24 hours at a stretch, maybe longer, with real-time alerts when
> interesting things occur.
You can libpcap (which is what wireshark uses on Linux) to deal with
the details of capturing the packets and do the analysis in Python.
> Maybe Wireshark can do everything I'll ever need to do, but it seems
> so complicated, and Python seems so simple . . .
I've been using pylibpcap for yonks, and have no complaints.
https://sourceforge.net/projects/pylibpcap/
Another advantage of pylibpcap is that you can used it to read files
saved by wireshark or tcpdump.
--
Grant Edwards grant.b.edwards Yow! Somewhere in DOWNTOWN
at BURBANK a prostitute is
gmail.com OVERCOOKING a LAMB CHOP!!
More information about the Python-list
mailing list