Skip to content
This repository has been archived by the owner on May 15, 2024. It is now read-only.

Performance compare to Lua? #19

Open
petersondrew opened this issue Oct 19, 2015 · 5 comments
Open

Performance compare to Lua? #19

petersondrew opened this issue Oct 19, 2015 · 5 comments

Comments

@petersondrew
Copy link

Has anyone compared the performance of pyreshark to Lua when doing something more complicated than just field items?
I know the PyFunctionItem callbacks will be slower, particularly when unpacking packets, but does anyone know if they're faster/slower than doing something similar in Lua? I'm aware that performance can vary, but I'm particularly curious if packet.unpack is going to be a performance bottleneck compared to a similar implementation in Lua.
@officialhopsof
Copy link

I know one critical area it is faster at, its way faster to develop in.

On Mon, Oct 19, 2015 at 10:11 AM, Drew Peterson [email protected]
wrote:

Has anyone compared the performance of pyreshark to Lua when doing
something more complicated than just field items?
I know the PyFunctionItem callbacks will be slower, particularly when
unpacking packets, but does anyone know if they're faster/slower than doing
something similar in Lua? I'm aware that performance can vary, but I'm
particularly curious if packet.unpack is going to be a performance
bottleneck compared to a similar implementation in Lua.


Reply to this email directly or view it on GitHub
#19.

@petersondrew
Copy link
Author

That definitely appears to be the case, especially if you're trying to migrate away from a dissector written in C as we are. Our main goal here is to find an alternative to writing our dissectors in C, to avoid the headaches of building Wireshark plugins on Windows, that still provides acceptable performance.

@officialhopsof
Copy link

I've used pyreshark and c to make a few different dissectors and I was able
to handle a ton of data pretty well with pyreshark. We would have 100,000+
packets coming in every minute or so and I did have to instruct people to
use a capture limit to get wireshark to perform in a reasonable way. That
being said, for our purposes, this was acceptable. Something that might be
worth trying is compiling the dissector with cython?

On Mon, Oct 19, 2015 at 10:30 AM, Drew Peterson [email protected]
wrote:

That definitely appears to be the case, especially if you're trying to
migrate away from a dissector written in C as we are. Our main goal here is
to find an alternative to writing our dissectors in C, to avoid the
headaches of building Wireshark plugins on Windows, that still provides
acceptable performance.


Reply to this email directly or view it on GitHub
#19 (comment).

@ashdnazg
Copy link
Owner

I don't have any empiric data but lua should be faster than PyFunctionItem and slower than regular items.
I suspect it's not going to be extreme as long as you don't use exceptions or similar slow code.

if you reach any interesting conclusions, I'll be happy to hear :)

@petersondrew
Copy link
Author

Thanks for the input everyone, I'm pressing forward porting to pyreshark as much as I can. If the performance is not acceptable I'll give Lua a shot and return with findings :-)

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@petersondrew @officialhopsof @ashdnazg