Compiled all the tools (pcap-analyzer, test-analyzer, etc.), but not much happens when running them on a pcap file (other than displaying some simple stats about the pcap file itself).
Maybe something like this would be helpful to get started:
```rust
use anyhow::Result;
use libpcap_analyzer::{Analyzer, PluginRegistry};
use libpcap_analyzer::plugins::flows::FlowsInfo;
use libpcap_tools::{Config, PcapDataEngine, PcapEngine};
use std::fs::File;
use std::sync::{Arc, Mutex};

fn main() -> Result<()> {
    env_logger::init();
    let config = Config::default();

    // Register the flows plugin; keep a handle so its results can be read after the run.
    let mut registry = PluginRegistry::new();
    let flows = Arc::new(Mutex::new(FlowsInfo::default()));
    registry.add_plugin(flows.clone());

    // Build the analyzer from the registry and feed it the capture file.
    let analyzer = Analyzer::new(Arc::new(registry), &config);
    let mut engine = PcapDataEngine::new(analyzer, &config);
    let mut f = File::open("/home/dvc/ipld/quinn-noise-dissector/libp2p-quic.pcap")?;
    engine.run(&mut f)?;

    // Print the flows plugin's results as JSON.
    let json = flows.lock().unwrap().get_results_json();
    println!("{}", serde_json::to_string(&json)?);
    Ok(())
}
```