Network packet analyzer

Is there an Elixir or Erlang library that can translate a frame of bytes received from the network into some structured data?

I’d like to analyze packet capture frames much like Wireshark can do, in plain Elixir.

Do you happen to know what the format of the packages you want to decode will be, or do you want to do the deduction on your own?

I do not know any existing library for that, but with binary pattern matching it would be mostly manual work to do so.

Standard TCP, UDP, HTTP, etc. I got it in binary format, exactly as found on the wire, but I’ve got to break it down so it can be analyzed.

I have no idea what library could help after a little research… those packets can be visualized easily with Wireshark, but I want to automate this job with Elixir, so I’ve got to get my hands on the info. Ideally without Wireshark itself as a dependency.

There is GitHub - msantos/pkt: Erlang network protocol library (in Erlang). But you’re never going to match the capabilities of the Wireshark dissectors. Maybe you could execute the Lua-based dissectors using GitHub - rvirding/luerl: Lua in Erlang.

3 Likes

There are layers to the data on the network. E.g. HTTP works on TCP and TCP on IP, so you’d need to be able to unpack those packages from the outside in: IP->TCP->HTTP. You also need to figure out where packet boundaries are if you don’t know whether the data you have starts at a packet boundary.

1 Like
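The outside-in unpacking described above, written with plain binary pattern matching as the earlier reply suggests. This is an added example, not code from the thread, from pkt or from procket; the `PacketDissector` module, its `dissect/1` API and the map keys it returns are this example's own assumptions, and `sample_frame/0` builds a constructed Ethernet -> IPv4 -> TCP SYN frame so the module runs offline. It assumes each input is one complete frame, which is what a pcap record or a raw-socket read hands you; the IPv4 total length is used to cut off Ethernet padding, and any header that does not match its declared size is reported as an error instead of being parsed as the next layer.

```elixir
defmodule PacketDissector do
  @moduledoc """
  Added example (not from the thread, pkt or procket): a minimal outside-in
  dissector for Ethernet -> IPv4 -> TCP/UDP built from binary pattern matching.
  """

  # Ethernet II: 6-byte destination MAC, 6-byte source MAC, 2-byte EtherType (0x0800 = IPv4).
  def dissect(<<dst::binary-size(6), src::binary-size(6), 0x0800::16, rest::binary>>) do
    {:ok, %{layer: :ethernet, dst: mac(dst), src: mac(src), next: ipv4(rest)}}
  end

  def dissect(<<_::binary-size(12), ethertype::16, _::binary>>),
    do: {:error, {:unsupported_ethertype, ethertype}}

  def dissect(_), do: {:error, :truncated_frame}

  # IPv4 fixed header (20 bytes) followed by (ihl * 4 - 20) bytes of options.
  defp ipv4(<<4::4, ihl::4, _tos::8, total_len::16, _id::16, _flags::3, _frag::13,
              ttl::8, proto::8, _csum::16, src::binary-size(4), dst::binary-size(4),
              rest::binary>>)
       when ihl >= 5 and total_len >= ihl * 4 do
    opts_len = ihl * 4 - 20
    # total_len bounds the L4 data so trailing Ethernet padding is never fed to TCP/UDP.
    l4_len = total_len - ihl * 4

    case rest do
      <<_opts::binary-size(opts_len), l4::binary-size(l4_len), _pad::binary>> ->
        %{layer: :ipv4, src: ip(src), dst: ip(dst), ttl: ttl, protocol: proto,
          next: transport(proto, l4)}

      _ ->
        {:error, :truncated_ipv4}
    end
  end

  defp ipv4(_), do: {:error, :bad_ipv4_header}

  # TCP (protocol 6): data offset in 32-bit words, then the eight flag bits.
  defp transport(6, <<sport::16, dport::16, seq::32, ack::32, doff::4, _res::4,
                      cwr::1, ece::1, urg::1, ackf::1, psh::1, rst::1, syn::1, fin::1,
                      window::16, _csum::16, _urgp::16, rest::binary>>)
       when doff >= 5 do
    opts_len = doff * 4 - 20
    bits = [cwr: cwr, ece: ece, urg: urg, ack: ackf, psh: psh, rst: rst, syn: syn, fin: fin]
    flags = for {name, 1} <- bits, do: name

    case rest do
      <<_opts::binary-size(opts_len), payload::binary>> ->
        %{layer: :tcp, src_port: sport, dst_port: dport, seq: seq, ack: ack,
          flags: flags, window: window, payload: payload}

      _ ->
        {:error, :truncated_tcp}
    end
  end

  # UDP (protocol 17): the length field covers header plus payload.
  defp transport(17, <<sport::16, dport::16, len::16, _csum::16, rest::binary>>) when len >= 8 do
    payload_len = len - 8

    case rest do
      <<payload::binary-size(payload_len), _::binary>> ->
        %{layer: :udp, src_port: sport, dst_port: dport, payload: payload}

      _ ->
        {:error, :truncated_udp}
    end
  end

  defp transport(proto, _), do: {:error, {:unsupported_protocol, proto}}

  defp mac(<<a, b, c, d, e, f>>), do: Enum.map_join([a, b, c, d, e, f], ":", &hex2/1)
  defp hex2(b), do: b |> Integer.to_string(16) |> String.pad_leading(2, "0") |> String.downcase()
  defp ip(<<a, b, c, d>>), do: "#{a}.#{b}.#{c}.#{d}"

  @doc "Constructed sample: Ethernet -> IPv4 -> TCP SYN from 10.0.0.1:40000 to 192.168.1.10:80."
  def sample_frame do
    payload = "GET "
    # TCP header: ports, seq, ack, data offset 5, flags byte with only SYN set, window, csum, urg.
    tcp = <<40000::16, 80::16, 1::32, 0::32, 5::4, 0::4, 0b00000010::8, 65535::16, 0::16, 0::16>>
    ip_len = 20 + byte_size(tcp) + byte_size(payload)
    ip = <<4::4, 5::4, 0::8, ip_len::16, 1::16, 0b010::3, 0::13, 64::8, 6::8, 0::16,
           10, 0, 0, 1, 192, 168, 1, 10>>
    eth = <<0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x0800::16>>
    eth <> ip <> tcp <> payload
  end
end

# PacketDissector.dissect(PacketDissector.sample_frame()) returns {:ok, %{layer: :ethernet, ...}}
# whose nested :next maps carry the IPv4 fields and a :tcp map with flags: [:syn] and payload "GET ".
```

Each layer hands only the bytes it owns to the next one, so a bogus IHL, data offset or UDP length stops at that layer with an `{:error, reason}` tuple rather than misaligning everything below it; that is the property you want before pointing a dissector like this at captures you did not produce yourself.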

I’ve got to be able to play with most of this, lower-level protocols being the most important.

GitHub - msantos/pkt: Erlang network protocol library is a great starting point, thanks @voltone!

procket

1 Like