https://wiki.packet-o-matic.org/ 2026-04-25T14:56:00+00:00 https://wiki.packet-o-matic.org/ https://wiki.packet-o-matic.org/lib/tpl/dokuwiki/images/favicon.ico text/html 2020-05-26T21:59:16+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.packet-o-matic.org/pom-ng/analyzer/arp?rev=1590530356&do=diff Analyzer arp This analyzer listens to ARP packets and generates events out of them. Its main goal is to monitor ARP activity and provide useful information if the pair IP/MAC changes. Events Name Payload associated Description arp_new_stanoNew station found. text/html 2020-05-26T21:59:16+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.packet-o-matic.org/pom-ng/analyzer/dns?rev=1590530356&do=diff Analyzer dns This analyzer listens to DNS packets and generates events out of them. Its main goal is to create an event each time a new DNS record is found. Events Name Payload associated Description dns_recordnoContains all the information about a text/html 2020-05-26T21:59:16+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.packet-o-matic.org/pom-ng/analyzer/docsis?rev=1590530356&do=diff Analyzer docsis This analyzer listens to DOCSIS management packets and provide useful information about the DOCSIS network. Its main goal is to monitor the registration status of all cable modems on the network. Events Name Payload associated Description text/html 2020-05-26T21:59:16+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.packet-o-matic.org/pom-ng/analyzer/dtmf?rev=1590530356&do=diff Analyzer dtmf This analyzer parses dtmf payloads in SIP INFO packets. Payloads dtmf Field Type Description signalstringKey being pressed.durationuint16Duration of the key press in milliseconds. text/html 2020-05-26T21:59:16+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.packet-o-matic.org/pom-ng/analyzer/gif?rev=1590530356&do=diff Analyzer gif This analyzer parses the header of GIF images and output the following information : Payloads gif Field Type Description heightuint16Height of the image.widthuint16Width of the image. text/html 2020-05-26T21:59:16+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.packet-o-matic.org/pom-ng/analyzer/http_post?rev=1590530356&do=diff Analyzer http_post This analyzer's only purpose is to fill the value of the post_data list in the http_request event. It will parse payloads of type “form-urlencoded” and fill the list with each item. text/html 2020-05-26T21:59:16+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.packet-o-matic.org/pom-ng/analyzer/http?rev=1590530356&do=diff Analyzer http This analyzer listens for http_query and http_response events as well as http packets and generates the http_request event and its associated payloads. Events Name Payload associated Description http_requestyesCompound event containing informations from both text/html 2020-05-26T21:59:16+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.packet-o-matic.org/pom-ng/analyzer/imap?rev=1590530356&do=diff Analyzer imap This analyzer listens for events from proto_imap. It parses the command, response and payload and issue various events. Events Name Payload associated Description imap_msgyesGenerated when a message or part of a message is found.imap_idnoContains information about client and server ID commands. text/html 2020-05-26T21:59:16+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.packet-o-matic.org/pom-ng/analyzer/jpeg?rev=1590530356&do=diff Analyzer jpeg This analyzer parses the header of JPEG images and output the below information. If exif support is enabled, the exif data will be parsed and added to the exif parameter. Payloads jpeg Field Type Description heightuint16Height of the image. text/html 2020-05-26T21:59:16+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.packet-o-matic.org/pom-ng/analyzer/multipart?rev=1590530356&do=diff Analyzer multipart This analyzer parses payloads with a MIME type of multipart as described in section 5.1 of RFC 2046. It will generate one payload for each part. Payloads multipart The multipart payloads don't contain additional informations and does not have any field. text/html 2020-05-26T21:59:16+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.packet-o-matic.org/pom-ng/analyzer/png?rev=1590530356&do=diff Analyzer png This analyzer parses the header of PNG images and output the following information : Payloads png Field Type Description heightuint16Height of the image.widthuint16Width of the image. text/html 2020-05-26T21:59:16+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.packet-o-matic.org/pom-ng/analyzer/ppp_chap?rev=1590530356&do=diff Analyzer ppp_chap This analyzer listens to the events ppp_chap_challenge_response and ppp_chap_success_failure events and create events containing the cryptographic material from the authentication. It currently support MSCHAPv2 as described in RFC 2759 and CHAP-MD5. Events Name Payload associated Description text/html 2020-05-26T21:59:16+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.packet-o-matic.org/pom-ng/analyzer/ppp_pap?rev=1590530356&do=diff Analyzer ppp_pap This analyzer listens to the events ppp_pap_request and ppp_pap_ack_nack events and create the event ppp_pap_auth containing the details of the authentication attempt. Events Name Payload associated Description ppp_pap_authnoDetails of an authentication attempt. text/html 2020-05-26T21:59:16+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.packet-o-matic.org/pom-ng/analyzer/rfc822?rev=1590530356&do=diff Analyzer rfc822 This analyzer parses an RFC 822 message, parses its headers and generate a payload with its content based on the Content-Type. Payloads rfc822 Field Type Description headersstring listDecoded message headers. text/html 2020-05-26T21:59:16+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.packet-o-matic.org/pom-ng/analyzer/rtp?rev=1590530356&do=diff Analyzer rtp This analyzer will process RTP connections and create a payload out of them. It will use the telephony API to fetch the codec information and generate the appropriate event and payload. Events Name Payload associated Description rtp_stream text/html 2020-05-26T21:59:16+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.packet-o-matic.org/pom-ng/analyzer/sdp?rev=1590530356&do=diff Analyzer sdp Perform basic analysis of an SDP payload as defined in RFC 4566. Payloads sdp Field Type Description usernamestringUsername in the 'o' line.sess_iduint64Session ID in the 'o' line.sess_versionuint64Session version in the 'o' line.sess_addr_type text/html 2020-05-26T21:59:16+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.packet-o-matic.org/pom-ng/analyzer/sip?rev=1590530356&do=diff Analyzer sip This analyzer listens to SIP packets and reconstruct calls and dialogs from them. Events Name Payload associated Description sip_callyesBegins when a call starts and ends when the call hangs up.sip_call_dialnoA SIP call is being dialed and not yet ringing. text/html 2020-05-26T21:59:16+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.packet-o-matic.org/pom-ng/analyzer/smtp?rev=1590530356&do=diff Analyzer smtp This analyzer listens for smtp_cmd and smtp_reply events as well as smtp packets and generates smtp_msg and smtp_auth events. It also generates rfc822 messages. Events Name Payload associated Description smtp_msgyesProvide all the information from a message sent over SMTP. text/html 2020-05-26T21:59:16+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.packet-o-matic.org/pom-ng/analyzer/tftp?rev=1590530356&do=diff Analyzer tftp This analyzer listens at tftp packets and generates the tftp_file event and its associated payload. Events Name Payload associated Description tftp_fileyesContains details about files transfered through TFTP. tftp_file Field Type Description