Wireshark mailing list archives

Re: We want to develop a Monitoring Software based on wireshark


From: Guy Harris <guy () alum mit edu>
Date: Mon, 6 Sep 2010 23:05:36 -0700


On Sep 6, 2010, at 9:12 PM, 刘昆 wrote:

> We want to develop a software just like this
>
> First, we let the software run and capture the data packets in computer. Then when some words or IP address in the
> data packets matching to the data we preestablish, a warning box must be shown to tell us something happen.
>
> In fact, we just want to modify the code of wireshark and add some function of the filtering IP and some key
> words. However, my question is I don't know how to do now. Where should I start

With Snort?

        http://www.snort.org/

Wireshark is designed to be, and intended to be, a program to load a capture of network traffic, or capture a sequence 
of network traffic, and allow its user to look at the traffic in detail; it was not designed to be, and is not intended 
to be, an application that watches network traffic in the background and pops up warnings.

Snort *is* designed to be an application that watches network traffic in the background and warns the user of potential 
problems.
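
Added example, not part of the original message and not taken from the Snort project: the two checks described in the question (a watched IP address and a keyword in the packet data) written as Snort 2.x rules. The address 192.0.2.10, the keyword "confidential", the message strings and the local SIDs are constructed sample values.

```snort
# Constructed sample values: 192.0.2.10 is a documentation address,
# "confidential" is a placeholder keyword; SIDs 1000000 and above are
# the range conventionally used for locally written rules.

# Alert on any IP traffic to or from the watched address (<> matches both directions).
alert ip 192.0.2.10 any <> any any (msg:"LOCAL traffic involving watched host"; sid:1000001; rev:1;)

# Alert when the keyword appears in a TCP payload, ignoring case.
alert tcp any any -> any any (msg:"LOCAL watched keyword in TCP payload"; content:"confidential"; nocase; sid:1000002; rev:1;)

# The same keyword check for UDP payloads.
alert udp any any -> any any (msg:"LOCAL watched keyword in UDP payload"; content:"confidential"; nocase; sid:1000003; rev:1;)
```

A `content` match only sees bytes that cross the wire in the clear, so a keyword inside TLS or other encrypted traffic will not trigger these rules. The address rule still fires in that case because it looks only at the IP header.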