packet-o-matic

the real time packet processor

About

packet-o-matic is a real time packet processor released under the GPL license. It is mainly intended for network forensics: it can dump traffic and log many details about various types of connections. It reads packets from an input module, matches them against rules and connection-tracking information, and then sends them to a target module. For example, it can read an HTTP connection, write a log file in the same format as Apache log files, and also dump the credentials along with the payload of the request.
This has been tested on Linux/x86, Linux/x86_64, Linux/hppa, Linux/sparc, FreeBSD/x86, Solaris/sparc and OSX/ppc.

News

2011/05/26 : String storage in datastore_postgres changed from varchar to bytea.
2010/01/09 : Docsis 3 support added using multiple DVB-C cards

Main features

Below are a few examples of what packet-o-matic can do:

Modules

Currently implemented modules:

Sources

Source code is available via svn. You can download a live copy of the source repository by using the following command:

svn checkout https://svn.tuxicoman.be/svn/packet-o-matic/trunk packet-o-matic

Alternatively, you can browse the sources using WebSVN.

Contact

Feel free to contact me directly via email at gmsoft@tuxicoman.be or via the mailing list. Any comment, suggestion or feature request is highly appreciated.
You can also come on irc.libera.chat and join #packet-o-matic where I'll be hanging out.