On 2017-05-04, Peter Pearson <pkpearson@nowhere.invalid> wrote:

> I'm curious to survey all my LAN traffic in various ways, and it seems
> likely that I will see phenomena that I don't understand, and focussing
> in on those phenomena is likely to require more flexible filtering
> than Wireshark can provide. I expect to leave this process running for
> maybe 24 hours at a stretch, maybe longer, with real-time alerts when
> interesting things occur.

You can use libpcap (which is what Wireshark uses on Linux) to deal with the details of capturing the packets and do the analysis in Python.

> Maybe Wireshark can do everything I'll ever need to do, but it seems
> so complicated, and Python seems so simple . . .

I've been using pylibpcap for yonks, and have no complaints.

https://sourceforge.net/projects/pylibpcap/

Another advantage of pylibpcap is that you can use it to read files saved by Wireshark or tcpdump.

-- 
Grant Edwards, grant.b.edwards at gmail.com
Yow! Somewhere in DOWNTOWN BURBANK a prostitute is OVERCOOKING a LAMB CHOP!!
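
Added example, not part of the original post and not pylibpcap's API: a standard-library sketch of the "capture with libpcap tooling, analyse in Python" approach discussed above, reading the classic pcap file format that tcpdump writes and applying an arbitrary Python predicate to each IPv4 packet. The LAN prefix, the `leaves_lan` predicate and the two-packet sample capture are assumptions constructed for illustration.

```python
import ipaddress
import struct

LAN = ipaddress.ip_network("192.168.1.0/24")  # assumed LAN prefix

def read_pcap(blob):
    """Yield (timestamp, frame) from a classic (non-pcapng) capture file image."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(blob[:4])
    if endian is None:
        raise ValueError("not a classic microsecond-resolution pcap file")
    if struct.unpack_from(endian + "I", blob, 20)[0] != 1:
        raise ValueError("only Ethernet (link type 1) is handled")
    offset = 24  # size of the global header
    while offset + 16 <= len(blob):
        sec, usec, caplen, _ = struct.unpack_from(endian + "IIII", blob, offset)
        frame = blob[offset + 16:offset + 16 + caplen]
        if len(frame) < caplen:
            break  # truncated final record, e.g. capture still being written
        offset += 16 + caplen
        yield sec + usec / 1e6, frame

def decode_ipv4(frame):
    """Return (src, dst, proto) for an untagged IPv4 frame, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[14] >> 4 != 4:
        return None
    return ipaddress.ip_address(frame[26:30]), ipaddress.ip_address(frame[30:34]), frame[23]

def leaves_lan(src, dst, proto):
    """Hypothetical 'interesting' test: a LAN host talking to a non-LAN address."""
    return src in LAN and dst not in LAN

def survey(blob, predicate):
    """Return (timestamp, src, dst, proto) for every packet the predicate flags."""
    decoded = ((ts, decode_ipv4(f)) for ts, f in read_pcap(blob))
    return [(ts, str(d[0]), str(d[1]), d[2]) for ts, d in decoded if d and predicate(*d)]

def sample_capture():
    """Constructed two-packet capture (not real traffic)."""
    def frame(src, dst, proto):
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, proto, 0,
                         ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)
        return b"\xff" * 6 + b"\x02" * 6 + b"\x08\x00" + ip
    blob = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for ts, pkt in ((100, frame("192.168.1.10", "192.168.1.1", 17)),
                    (101, frame("192.168.1.10", "203.0.113.5", 6))):
        blob += struct.pack("<IIII", ts, 0, len(pkt), len(pkt)) + pkt
    return blob
```

For a real file, pass `open(path, "rb").read()` to `survey`; any function taking `(src, dst, proto)` can replace `leaves_lan`.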