Python bindings ?

George Jones eludom at gmail.com
Tue May 18 18:32:50 EDT 2010 

I've hacked together a usable class that reads ra output, parses with the
csv module and populates the class variables.    Simple, but it
meets my needs.   Will try to post once it's matured a bit.

Carter said he fixed the XML bug, so I may give that a try, but really, I
don't see that it adds that much (aside from complexity :-))

---George Jones

On Tue, May 18, 2010 at 1:34 PM, Harry Bock <hbock at ele.uri.edu> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> The biggest problem with parsing ra(xml) output is performance; it is
> generally much slower to have ra parse the Argus binary format and then
> have another process parse that output than to have the client program
> be able to read the binary format directly.  A proper API would be
> highly beneficial to client authors.
>
> In my experience with hacking together something on top of the Argus C
> code base, would be very difficult for a tool like SWIG to generate
> usable bindings that would transfer well to a language like Python.
> Recently I had started on a re-implementation of the Argus client
> library modeled after libpcap, with the goal of having a friendlier API
> and be more suitable for shared object support, but I haven't gotten
> very far due to school and work.  If there is significant interest in
> this, I could start hacking on it again if there is community support.
> A powerful, simple Argus API would be of enormous benefit to application
> developers.
>
> If anyone is interested in the library I started, check it out here:
> http://git.spanning-tree.org/index.cgi/libfcap/
> It's not in any usable state at all, but the building blocks are there.
> If the bindings were to mature, they would likely be a better candidate
> for automatically generated FFI bindings for, say, Python or Ruby or
> other languages with a C interface.
>
> Harry
>
> On 05/17/2010 08:44 AM, Phillip Deneault wrote:
> > I've had good luck with elementtree, but the XML format Argus uses
> > doesn't really require anything fancy.  The built-in minidom stuff might
> > work just fine for you.
> >
> > As to what python brings to the party... basically nothing over what any
> > other library brings to the party.  It simplifies custom client creation
> > if there is a handy library available.  I for one would welcome a direct
> > python library to read in flows from radium/ra or binary files as it
> > would eliminate lots of extra piping and clockwork mechanisms I use in
> > my python glue programs, or converting to XML which requires a lot more
> > overhead than the binary format directly.
> >
> > I've been playing with this idea myself, but not knowing C very well, it
> > was a long uphill climb.  In my research, I looked at a tool called
> > SWIG, which might facilitate building these various libraries based on
> > the official C code.  SWIG can also handle documentation generation.
> > http://www.swig.org/.  Maybe that's something someone with more C
> > knowledge could use.
> >
> > Thanks,
> > Phil
> >
> > On 5/14/2010 12:51 PM, George Jones wrote:
> >> On Fri, 2010-05-14 at 09:21 -0700, John Gerth wrote:
> >>> ra can output XML and there are beaucoup python parsers for that.
> >>
> >> Doh.  Should of thought of that.
> >>
> >> Suggestions for parsers ? (being new-ish to python, and XML)
> >>
> >> Thanks,
> >> ---George Jones
> >>
> >>>
> >>> On 5/14/2010 8:44 AM, George Jones wrote:
> >>>> On Fri, 2010-05-14 at 11:36 -0400, Carter Bullard wrote:
> >>>>> Hey George,
> >>>>> I don't do any python, but it couldn't be hard.
> >>>>> Are there guides for doing this type of thing?
> >>>>
> >>>> google python class
> >>>>
> >>>> PySiLK is the one thing I'm really missing from SiLK.   I think I can
> >>>> roll a parser pretty quickly for reading ra output and shoving it into
> >>>> classes.
> >>>>
> >>>> ---George
> >>>>
> >>>>> Carter
> >>>>>
> >>>>> On May 14, 2010, at 10:32 AM, George Jones wrote:
> >>>>>
> >>>>>> Has anyone created python bindings for argus?  e.g. something that
> would
> >>>>>> read ra ouput (or argus binary format)  and parse into python class
> >>>>>> structures ?
> >>>>>>
> >>>>>> Thanks,
> >>>>>> ---George Jones
> >>>>>>
> >>
> >
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAkvyz7cACgkQDiEcLVRsw1N2ywCeIUbB0nmc/o44+566pzIoO96g
> sZYAn1pL4NLVP0x/h8I6ozqOAgHNKbHC
> =SeKu
> -----END PGP SIGNATURE-----
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20100518/3a25177e/attachment.html>

More information about the argus mailing list