the real time packet processor


packet-o-matic is a real-time packet processor released under the GPL license. Its main use is network forensics: it can dump and log many kinds of information about various types of connections. It reads packets from an input module, matches them using rules and connection-tracking information, and then sends them to a target module. For example, it can read an HTTP connection, write a log file in the same format as Apache log files, and also dump credential information along with the payload of the request.
This has been tested on Linux/x86, Linux/x86_64, Linux/hppa, Linux/sparc, FreeBSD/x86, Solaris/sparc and OSX/ppc.
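The input, rule and target stages described above can be sketched as follows. This is an added example, not packet-o-matic's own code or configuration: the flow dictionaries, field names and function names are hypothetical, and TCP reassembly is assumed to have already happened. It writes an Apache combined-format line with the Basic-auth user name in the user field, and escapes fields taken from the wire so that captured traffic cannot forge log entries.

```python
import base64
from datetime import datetime, timezone

# Constructed sample flows standing in for an input module (not real capture data).
FLOWS = [
    {"src": "192.0.2.10", "dport": 80, "ts": 1306400000, "status": 200, "size": 512,
     "request": b"GET /admin/ HTTP/1.1\r\nHost: example.test\r\n"
                b"Authorization: Basic YWxpY2U6czNjcmV0\r\n"
                b"User-Agent: curl/7.21\r\n\r\n"},
    {"src": "192.0.2.11", "dport": 22, "ts": 1306400005, "status": 0, "size": 0,
     "request": b"SSH-2.0-OpenSSH_5.8\r\n"},
]

def rule_matches(flow):
    # Rule stage: keep flows to port 80 whose first line looks like an HTTP request.
    return flow["dport"] == 80 and b" HTTP/1." in flow["request"].split(b"\r\n", 1)[0]

def parse_request(raw):
    # Split the request head into the request line and a lower-cased header dict.
    request_line, *lines = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1").split("\r\n")
    pairs = (line.partition(":") for line in lines)
    return request_line, {k.strip().lower(): v.strip() for k, _, v in pairs}

def basic_auth_user(headers):
    # User name from an Authorization: Basic header, or "-" if absent or malformed.
    scheme, _, blob = headers.get("authorization", "").partition(" ")
    if scheme.lower() != "basic":
        return "-"
    try:
        return base64.b64decode(blob, validate=True).decode("latin-1").partition(":")[0] or "-"
    except ValueError:
        return "-"

def esc(text):
    # Hex-escape quotes, backslashes and non-printable bytes taken from the wire.
    return "".join(c if 32 <= ord(c) < 127 and c not in '"\\' else "\\x%02x" % ord(c) for c in text)

def to_combined_log(flow):
    # Target stage: one Apache combined-format line per matched HTTP transaction.
    request_line, headers = parse_request(flow["request"])
    when = datetime.fromtimestamp(flow["ts"], timezone.utc).strftime("%d/%b/%Y:%H:%M:%S %z")
    return '%s - %s [%s] "%s" %d %d "%s" "%s"' % (
        flow["src"], esc(basic_auth_user(headers)), when, esc(request_line),
        flow["status"], flow["size"],
        esc(headers.get("referer", "-")), esc(headers.get("user-agent", "-")))

def process(flows):
    # Full pipeline: input list -> rule match -> log-line target.
    return [to_combined_log(f) for f in flows if rule_matches(f)]
```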


2011/05/26 : String storage in datastore_postgres changed from varchar to bytea.
2010/01/09 : DOCSIS 3 support added using multiple DVB-C cards

Main features

Below are a few examples of what packet-o-matic can do :


Currently implemented modules :


Source code is available via svn. You can download a live copy of the source repository by using the following command :

svn checkout packet-o-matic

Alternatively, you can browse the sources using WebSVN.


Feel free to contact me directly via email at or via the mailing list. Any comment, suggestion or feature request is highly appreciated.
You can also come on and join #packet-o-matic where I'll be hanging.