Promiscuous ports under Linux
Peter Pearson
pkpearson at nowhere.invalid
Fri May 5 01:48:09 EDT 2017
On Thu, 4 May 2017 18:04:02 +0000 (UTC), Grant Edwards wrote:
> On 2017-05-04, Peter Pearson <pkpearson at nowhere.invalid> wrote:
>
>> I'm curious to survey all my LAN traffic in various ways, and it seems
>> likely that I will see phenomena that I don't understand, and focussing
>> in on those phenomena is likely to require more flexible filtering
>> than Wireshark can provide. I expect to leave this process running for
>> maybe 24 hours at a stretch, maybe longer, with real-time alerts when
>> interesting things occur.
>
> You can libpcap (which is what wireshark uses on Linux) to deal with
> the details of capturing the packets and do the analysis in Python.
>
>> Maybe Wireshark can do everything I'll ever need to do, but it seems
>> so complicated, and Python seems so simple . . .
>
> I've been using pylibpcap for yonks, and have no complaints.
>
> https://sourceforge.net/projects/pylibpcap/
[snip]
Hey, that might do the job. Thanks!
--
To email me, substitute nowhere->runbox, invalid->com.
More information about the Python-list
mailing list