What I need is to write a very simple application, which would listen to network traffic, filter out some packets based on various layer 4/5 information and then dump that information into a database.

I am quite confused about which pcap gem/plugin I should use. The basic pcap implementation seems to be a bit outdated (no changes since 2001) and doesn't work properly. I also tried pcaprub, but I am not quite sure how to get around with this library. It seems to capture raw packets without the ability to actually get any data out of the pcap dump.

Do you have any advice on how I can realize this simple task?

Thanks in advance. :-)

A: 

Try xtractr: http://code.google.com/p/pcapr/wiki/Xtractr

kowsik
I took a brief look at the project and I am not sure if that's the right thing for me. What I need to do is to dump the traffic straight into the database, for further analysis. I don't need flow analysis, just the raw data in the DB, so I can do my checking on them.
mdrozdziel
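
Added example (not part of the original question, answer or comment): a capture library that hands back raw frames gives you a binary string, and the layer 3/4 fields have to be decoded from it before you can filter or store anything. The sketch below assumes untagged Ethernet II frames carrying IPv4 with TCP or UDP; `decode_frame`, `rows_for_port` and the sample frame are hypothetical names and constructed data, and each returned hash is what you would insert as one database row.

```ruby
# Added example: decode a raw Ethernet II frame (binary String) into the
# layer 3/4 fields to filter on. Non-IPv4, non-TCP/UDP or truncated => nil.
ETHERTYPE_IPV4 = 0x0800
PROTO_NAMES = { 6 => :tcp, 17 => :udp }.freeze

def decode_frame(raw)
  raw = raw.b                                   # force byte-wise indexing
  return nil if raw.bytesize < 14 + 20          # Ethernet + minimal IPv4 header
  return nil unless raw[12, 2].unpack1('n') == ETHERTYPE_IPV4

  ip = raw.byteslice(14, raw.bytesize)
  ihl = (ip.getbyte(0) & 0x0f) * 4              # IPv4 header length in bytes
  total_len = ip[2, 2].unpack1('n')             # excludes Ethernet padding
  return nil unless ip.getbyte(0) >> 4 == 4 && ihl >= 20
  return nil if total_len < ihl || total_len > ip.bytesize  # truncated capture
  proto = PROTO_NAMES[ip.getbyte(9)]
  return nil unless proto

  l4 = ip.byteslice(ihl, total_len - ihl)
  l4_hdr = proto == :tcp ? 20 : 8
  return nil if l4.bytesize < l4_hdr
  sport, dport = l4.unpack('nn')
  if proto == :tcp
    l4_hdr = (l4.getbyte(12) >> 4) * 4          # TCP data offset covers options
    return nil if l4_hdr < 20 || l4.bytesize < l4_hdr
  end
  { proto: proto,
    src_ip: ip[12, 4].unpack('C4').join('.'), src_port: sport,
    dst_ip: ip[16, 4].unpack('C4').join('.'), dst_port: dport,
    payload: l4.byteslice(l4_hdr, l4.bytesize) }
end

# Keep only decodable frames that touch the given port; one hash per DB row.
def rows_for_port(frames, port)
  frames.map { |f| decode_frame(f) }.compact
        .select { |r| r[:src_port] == port || r[:dst_port] == port }
end

# Constructed sample frame: UDP 192.0.2.10:40000 -> 192.0.2.53:53, payload "hi"
SAMPLE_UDP = [[
  '020000000001', '020000000002', '0800',       # dst MAC, src MAC, EtherType
  '4500001e000040004011', '0000',               # IPv4 header, checksum zeroed
  'c000020a', 'c0000235',                       # source and destination address
  '9c40', '0035', '000a', '0000', '6869'        # UDP header + payload
].join].pack('H*')

p rows_for_port([SAMPLE_UDP], 53)
```
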