
====== Packet-o-matic NG ======

Packet-o-matic NG aka pom-ng is the new generation of packet-o-matic. It is a complete rewrite based on the previous version with improved architectural design and packet processing. Notable new features are multi-input support and multi-thread processing.

**If you are looking for documentation about the old version of packet-o-matic, see [[pom:start|here]].**

==== General ====

  * [[pom-ng:installation|Installation]] : Step-by-step installation procedure
  * [[pom-ng:getting_started|Getting started]] : Beginner's guide to pom-ng
  * [[pom-ng:docsis:DOCSIS]] : Notes about sniffing DOCSIS streams
  * [[pom-ng:core|Core]] : Documentation of pom-ng's core, including command line parameters and global parameters
  * [[pom-ng:events|Events]] : List of all events that can be generated
  * [[pom-ng:lua|Lua]] : Lua API documentation
  * [[pom-ng:roadmap|Roadmap]] : Roadmap for pom-ng
  * [[pom-ng:features_wishlist|Features wishlist]] : Add the feature you'd like to see here!
  * [[pom-ng:troubleshooting|Troubleshooting]] : Troubleshooting steps for various problems

==== Modules ====

Here is a list of available modules.

=== Input ===

  * [[pom-ng:input:docsis]] : Read DOCSIS packets from a digital TV card
  * [[pom-ng:input:docsis_scan]] : Scan for DOCSIS streams using a digital TV card
  * [[pom-ng:input:dvb_atsc]] : Read MPEG-TS packets from an ATSC/QAM card
  * [[pom-ng:input:dvb_c]] : Read MPEG-TS packets from a DVB-C card aka digital TV card
  * [[pom-ng:input:dvb_device]] : Read MPEG-TS packets from a DVB device, used only for specific cards with proprietary drivers
  * [[pom-ng:input:dvb_s]] : Read MPEG-TS packets from a DVB-S device aka satellite card
  * [[pom-ng:input:kismet_drone]] : Connect to a [[https://kismetwireless.net/|Kismet]] drone
  * [[pom-ng:input:pcap_dir]] : Read packets from pcap files in a directory
  * [[pom-ng:input:pcap_file]] : Read packets from a pcap file
  * [[pom-ng:input:pcap_interface]] : Read packets from a network card

=== Output ===

  * [[pom-ng:output:file]] : Save parsed payloads into files
  * [[pom-ng:output:inject]] : Inject packets to an interface
  * [[pom-ng:output:log_txt]] : Save events into plain text files according to a template
  * [[pom-ng:output:log_xml]] : Save events into XML files
  * [[pom-ng:output:pcap_file]] : Save packets into pcap files
  * [[pom-ng:output:pcap_flow]] : Save connections into separate pcap files
  * [[pom-ng:output:tap]] : Dump packets to a virtual tap interface

=== Addons output ===

  * [[pom-ng:addon_output:http_cookies]] : Dump HTTP session cookies in a text file
  * [[pom-ng:addon_output:http_media]] : Dump HTTP images or video and create an Apache-like log for each file
  * [[pom-ng:addon_output:http_searches]] : Dump searches performed on web sites based on a regex
  * [[pom-ng:addon_output:wallofsheep]] : Dump all the clear-text passwords found into a text file

=== Protocol ===

  * [[pom-ng:proto:80211]] : Parse 802.11 aka wireless frames
  * [[pom-ng:proto:arp]] : Parse ARP packets
  * [[pom-ng:proto:dns]] : Parse DNS packets
  * [[pom-ng:proto:docsis]] : Parse DOCSIS aka cable modem packets
  * [[pom-ng:proto:docsis_mgmt]] : Parse DOCSIS management packets
  * [[pom-ng:proto:ethernet]] : Parse Ethernet frames
  * [[pom-ng:proto:gre]] : Parse GRE packets
  * [[pom-ng:proto:http]] : Parse the HTTP protocol
  * [[pom-ng:proto:icmp]] : Parse ICMP packets
  * [[pom-ng:proto:icmp6]] : Parse ICMPv6 packets
  * [[pom-ng:proto:ipv4]] : Parse IP (version 4) packets
  * [[pom-ng:proto:ipv6]] : Parse IPv6 packets
  * [[pom-ng:proto:mpeg_dvb_mpe]] : Parse DVB MPE (Multi Protocol Encapsulation) packets found in MPEG traffic
  * [[pom-ng:proto:mpeg_sect]] : Parse MPEG section packets
  * [[pom-ng:proto:mpeg_ts]] : Parse MPEG-TS packets as defined in ISO/IEC 13818-1 or ITU-T Rec. H.222.0
  * [[pom-ng:proto:ppp]] : Parse PPP packets
  * [[pom-ng:proto:ppp_chap]] : Parse PPP-CHAP packets
  * [[pom-ng:proto:ppp_pap]] : Parse PPP-PAP packets
  * [[pom-ng:proto:pppoe]] : Parse PPPoE packets
  * [[pom-ng:proto:radiotap]] : Parse radiotap packets used for encapsulating wireless (802.11) frames
  * [[pom-ng:proto:rtp]] : Parse RTP packets
  * [[pom-ng:proto:sip]] : Parse SIP packets
  * [[pom-ng:proto:smtp]] : Parse the SMTP protocol
  * [[pom-ng:proto:tcp]] : Parse TCP packets
  * [[pom-ng:proto:tftp]] : Parse TFTP packets
  * [[pom-ng:proto:udp]] : Parse UDP datagrams
  * [[pom-ng:proto:vlan]] : Parse VLAN aka 802.1q packets

=== Analyzer ===

  * [[pom-ng:analyzer:arp]] : Analyze ARP packets
  * [[pom-ng:analyzer:dns]] : Analyze DNS packets
  * [[pom-ng:analyzer:docsis]] : Analyze DOCSIS packets
  * [[pom-ng:analyzer:dtmf]] : Analyze DTMF events in SIP sessions
  * [[pom-ng:analyzer:gif]] : Analyze GIF images
  * [[pom-ng:analyzer:http]] : Analyze HTTP connections
  * [[pom-ng:analyzer:http_post]] : Analyze HTTP POST payloads (form-urlencoded)
  * [[pom-ng:analyzer:jpeg]] : Analyze JPEG images
  * [[pom-ng:analyzer:multipart]] : Analyze MIME multipart payloads
  * [[pom-ng:analyzer:png]] : Analyze PNG images
  * [[pom-ng:analyzer:ppp_chap]] : Analyze PPP-CHAP events
  * [[pom-ng:analyzer:ppp_pap]] : Analyze PPP-PAP events
  * [[pom-ng:analyzer:rfc822]] : Analyze RFC822 messages
  * [[pom-ng:analyzer:rtp]] : Analyze RTP streams
  * [[pom-ng:analyzer:sdp]] : Analyze SDP describing media sessions
  * [[pom-ng:analyzer:sip]] : Analyze SIP messages and sessions
  * [[pom-ng:analyzer:smtp]] : Analyze SMTP connections
  * [[pom-ng:analyzer:tftp]] : Analyze TFTP packets

=== Datastore ===

  * [[pom-ng:datastore:postgres]] : PostgreSQL backend
  * [[pom-ng:datastore:sqlite]] : SQLite backend

start.1436516554.txt.gz · Last modified: 2015/07/10 08:22 by gmsoft