Packet-o-matic NG aka pom-ng is the new generation of packet-o-matic. It is a complete rewrite based on the previous version with improved architectural design and packet processing. Notable new features are multi-input support and multi-thread processing.

If you are looking for documentation about the old version of packet-o-matic, see here.

• Installation : Step by step intstallation procedure
• Getting started : Beginner's guide to pom-ng
• DOCSIS : Notes about sniffing DOCSIS streams
• Core : Documentation pom-ng's core including command line parameters and global parameters
• Events : List of all events that can be generated
• Lua : Lua API documentation
• Roadmap : Roadmap for pom-ng
• Features wishlist : Add the feature you'd like to see here !
• Troubleshooting : Troubleshooting steps for various problems

Here is a list of available modules.

• docsis : Read DOCSIS packets from a digital TV card
• docsis_scan : Scan for DOCSIS streams using a digital TV card
• dvb_atsc : Read MPEG-TS packets from an ATSC/QAM card
• dvb_c : Read MPEG-TS packets from a DVB-C card aka digital TV card
• dvb_device : Read MPEG-TS packets from a DVB device, used only for specific cards with proprietary drivers
• dvb_s : Read MPEG-TS packets from a DVB-S device aka satellite card
• kismet_drone : Connect to a Kismet drone
• pcap_dir : Read packets from pcap files in a directory
• pcap_file : Read packets from a pcap file
• pcap_interface : Read packets from a network card

• file : Save parsed payloads into files
• inject : Inject packets to an interface
• log_txt : Save events into plain text files according a template
• log_xml : Save events into XML files
• pcap_file : Save packets into pcap files
• pcap_flow : Save connections into separate pcap files
• tap : Dumps packets to a virtual tap interface

• http_cookies : Dump HTTP session cookies in a text file
• http_media : Dump HTTP images or video and create an apache like log for each file
• http_searches : Dump searches performed on web sites based on a regex
• wallofsheep : Dump All the clear-text password found in a text file

• 80211 : Parse 802.11 aka wireless frames
• arp : Parse ARP packets
• dns : Parse DNS packets
• docsis : Parse DOCSIS aka cable modems packets
• docsis_mgmt : Parse DOCSIS management packets
• ethernet : Parse ethernet frames
• gre : Parse GRE packets
• http : Parse the HTTP protocol
• icmp : Parse ICMP packets
• icmp6 : Parse ICMPv6 packets
• imap : Parse IMAP packets
• ipv4 : Parse IP (version 4) packets
• ipv6 : Parse IPv6 packets
• mpeg_dvb_mpe : Parse DVB MPE (Multi Protocol Encapsulation) packets found in MPEG traffic
• mpeg_sect : Parse MPEG section packets
• mpeg_ts : Parse MPEG-TS packets as defined in ISO/IEC 13818-1 or ITU-T Rec. H.222.0
• ppp : Parse PPP packets
• ppp_chap: Parse PPP-CHAP packets
• ppp_pap: Parse PPP-PAP packets
• pppoe : Parse PPPoE packets
• radiotap : Parse radiotap packets used for encapsulating wireless (802.11) frames
• rtp : Parse RTP packets
• sip : Parse SIP packets
• smtp : Parse the SMTP protocol
• tcp : Parse TCP packets
• tftp : Parse TFTP packets
• udp : Parse UDP datagrams
• vlan : Parse VLAN aka 802.1q packets

• arp : Analyze ARP packets
• dns : Analyze DNS packets
• docsis : Analyze DOCSIS packets
• dtmf : Analyze DTMF events in SIP sessions
• gif : Analyze GIF images
• http : Analyze HTTP connections
• http_post : Analyze HTTP POST payloads (form-urlencoded)
• imap : Analyzer IMAP packets
• jpeg : Analyze JPEG images
• multipart : Analyzer MIME multipart payloads
• png : Analyze PNG images
• ppp_chap : Analyze PPP-CHAP events
• ppp_pap: Analyze PPP-PAP events
• rfc822 : Analyzer RFC822 messages
• rtp : Analyze RTP streams
• sdp : Analyze SDP describing media sessions
• sip : Analyzer SIP messages and session
• smtp : Analyze SMTP connections
• tftp : Analyze TFTP packets

• postgres : PostgreSQL backend
• sqlite : SQLite backend