So, the project has been continuing nicely recently. I decided it would be awesome, if the end user, me, could add filters to the traffic for each instrument. I only wanted a single scapy instance sniffing for traffic, so I had to implement the filter in Ethestra, as opposed to sing scapys built-in filter system.
Thsi left me with a problem. I had no idea how to write a parser. After thinking about it for a while, and talking to some coder friends, it became clear that if I could get the filter in the format below, I could evaluate it fairly easily.
[["ip", "==", "10.2.6.3"], "AND", ["sport", "==", "25"]]
This turned out to be true. With a little help from pyparsing, I can now enter filters like this.
ip == 10.2.6.3 AND sport == 25
Listing expected soon…