Network Packet Parser with a PostgreSQL Connection.
gurkenhabicht 4d3d1c98d6 regex parser result is now a field in QryData, and stored in the db as a result 2020-05-21 17:27:30 +02:00
src regex parser result is now a field in QryData, and stored in the db as a result 2020-05-21 17:27:30 +02:00
.gitignore
Cargo.lock implemented regex parser to stdout, formatted layout 2020-05-21 00:56:11 +02:00
Cargo.toml implemented regex parser to stdout, formatted layout 2020-05-21 00:56:11 +02:00
README.md Update README.md 2020-05-13 16:23:42 +02:00

README.md

This is experimental

This version is a successor of the _POSIX_C_SOURCE 200809L implementation, in which all of the data of a parsed pcap/pcapng file is written as a single, simple query. That is rather fast (tested writes: 100*10^3 TCP packets in ~1.8 sec) but may be insecure.

Postgres databases have a custom maximum limit on each insert query issued as a prepared statement. To stay within that limit, parsed data is written in chunks. The chunk size is set in the config file parser.json as insert_max.
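
A sketch of the chunked write described above, added here as an illustration and not taken from this repository: parsed rows are split into groups of at most insert_max, and each group becomes one multi-row INSERT whose values travel as bound parameters instead of being concatenated into a single query string. The table name `packets`, the three columns and the function names are assumptions.

```rust
// Added example, not the project's code. Table, columns and names are hypothetical.
const COLUMNS: [&str; 3] = ["source_ip", "dest_ip", "payload"];

/// Build one multi-row INSERT with numbered placeholders ($1, $2, ...).
/// Only the trusted table and column names are formatted into the SQL text.
fn insert_statement(table: &str, rows: usize) -> String {
    let width = COLUMNS.len();
    let tuples: Vec<String> = (0..rows)
        .map(|r| {
            let ph: Vec<String> = (1..=width).map(|c| format!("${}", r * width + c)).collect();
            format!("({})", ph.join(", "))
        })
        .collect();
    format!("INSERT INTO {} ({}) VALUES {}", table, COLUMNS.join(", "), tuples.join(", "))
}

/// Split parsed packets into chunks of at most `insert_max` rows and pair each
/// chunk's statement with its flattened parameter list (row-major order).
fn plan_inserts<'a>(
    table: &str,
    packets: &'a [[String; 3]],
    insert_max: usize,
) -> Vec<(String, Vec<&'a str>)> {
    assert!(insert_max > 0, "insert_max must be at least 1");
    packets
        .chunks(insert_max)
        .map(|chunk| {
            let params: Vec<&str> =
                chunk.iter().flat_map(|row| row.iter().map(String::as_str)).collect();
            (insert_statement(table, chunk.len()), params)
        })
        .collect()
}

fn main() {
    // Constructed sample rows; the last payload carries a quote character.
    let packets = vec![
        ["192.0.2.1".to_string(), "192.0.2.9".to_string(), "GET /".to_string()],
        ["192.0.2.2".to_string(), "192.0.2.9".to_string(), "POST /login".to_string()],
        ["192.0.2.3".to_string(), "192.0.2.9".to_string(), "it's quoted".to_string()],
    ];
    for (sql, params) in plan_inserts("packets", &packets, 2) {
        println!("{}\n  bound: {:?}", sql, params);
    }
}
```

Only two statement shapes occur per run (a full chunk and the final partial chunk), so a caller can prepare each shape once and reuse it.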

Currently, Ethernet, IPv4 and TCP are the only network protocols handled.