On Sep 6, 2010, at 9:12 PM, 刘昆 wrote:
> We want to develop a software just like this
>
> First,we let the software run and capture the data packets in computer.Then
> when some words or IP address in the data packets matching to the data we
> preestablish,a warning box must be showed to tell us something happen.
>
>
> In fact, we just want to modify the code of wireshark and add some function
> of the filtering IP and some key words.However,my question is I don't know
> how to do now.Where should I start
With Snort?
http://www.snort.org/
Wireshark is designed to be, and intended to be, a program to load a capture of
network traffic, or capture a sequence of network traffic, and allow its user
to look at the traffic in detail; it was not designed to be, and is not
intended to be, an application that watches network traffic in the background
and pop up warnings.
Snort *is* designed to be an application that watches network traffic in the
background and warns the user of potential problems.
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <[email protected]>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:[email protected]?subject=unsubscribe
