Event handler hooks

Event handler functions:

on_initialize

This function is called at scripting engine startup. In the default configuration (sample.ss), we first set some global variables for more comfortable work later on. After that, you can put your own initialization code here (opening a file for packet logging, creating a connection to a database, or anything else that needs to be called once at session start).

on_shutdown

This function is called on sniffer shutdown. Use it to clean up things done in on_initialize (close files, etc.).

on_start_sniffing

This function is called after the sniffer engine is initialized, but right before actual sniffing starts.

on_receive_packet

This function is called whenever the packet capture engine acquires a new packet from the device it is listening to. Do not put heavy processing here, as this function is called in real time. The intended use is to filter out unwanted packets, so that only the desired material is left for later post-processing.

on_dump_packet

This function is called whenever a buffered packet needs to be processed. Common uses are logging packets to a file or database, or any other post-processing.
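
The division of work between the hooks, modelled in Python as an added example; this is not the sniffer's own script syntax or code from sample.ss. The class, the packet layout (raw IPv4 without options), the keep/drop return value of on_receive_packet and the helpers make_packet and run_session are assumptions made for illustration.

```python
import io
import struct
from collections import deque

class HookModel:
    """Model of the hook order described above; NOT the sniffer's script API."""
    def __init__(self, wanted_port):
        self.wanted_port = wanted_port
        self.buffer = deque()          # packets kept for post-processing
        self.calls = []                # records lifecycle order

    def on_initialize(self):           # once, at engine startup
        self.calls.append("on_initialize")
        self.log = io.StringIO()       # stands in for a log file or DB handle

    def on_start_sniffing(self):       # engine ready, capture not yet started
        self.calls.append("on_start_sniffing")

    def on_receive_packet(self, raw):  # real-time path: one fixed-offset read
        # Assumption: raw IPv4 with no options, so the TCP/UDP destination
        # port sits at bytes 22..23. Returning True means "keep" (assumed).
        return (len(raw) >= 24 and
                struct.unpack_from("!H", raw, 22)[0] == self.wanted_port)

    def on_dump_packet(self, raw):     # deferred path: formatting and I/O
        src = ".".join(map(str, raw[12:16]))
        dst = ".".join(map(str, raw[16:20]))
        dport = struct.unpack_from("!H", raw, 22)[0]
        self.log.write(f"{src} -> {dst}:{dport} len={len(raw)}\n")

    def on_shutdown(self):             # undo what on_initialize set up
        self.calls.append("on_shutdown")
        text = self.log.getvalue()
        self.log.close()
        return text

def make_packet(src, dst, sport, dport, payload=b""):
    """Constructed sample: minimal 20-byte IPv4 header plus port fields."""
    ip = bytes([0x45, 0, 0, 0, 0, 0, 0, 0, 64, 17, 0, 0]) + bytes(src) + bytes(dst)
    return ip + struct.pack("!HH", sport, dport) + payload

def run_session(model, packets):
    model.on_initialize()
    model.on_start_sniffing()
    for raw in packets:                # capture loop
        if model.on_receive_packet(raw):
            model.buffer.append(raw)
    while model.buffer:                # buffered packets are dumped later
        model.on_dump_packet(model.buffer.popleft())
    return model.on_shutdown()
```

The filter touches two bytes per packet and does no I/O, while address formatting and log writes happen only for packets that survived it.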