Network Packet Parser with a PostgreSQL Connection.
Go to file
gurkenhabicht 8a9f819e68 added fn init_qrydata 2020-06-07 23:56:53 +02:00
src added fn init_qrydata 2020-06-07 23:56:53 +02:00
tests modular Config initialization 2020-05-29 01:05:53 +02:00
.gitignore further init 2020-05-13 00:04:54 +02:00
Cargo.lock pcap iterator now in configure, performance improvements 2020-06-01 20:55:11 +02:00
Cargo.toml pcap iterator now in configure, performance improvements 2020-06-01 20:55:11 +02:00
README.md Update README.md 2020-05-13 16:23:42 +02:00

README.md

This is experimental

This version is a successor of the _POSIX_C_SOURCE 200809L implementation in which all of the data of a parsed pcap/pcapng file is written as a single and simple query. This is done rather fast (tested writes: 100*10^3 tcp packets in ~1.8 sec) but may be insecure.

Postgres databases have a custom maximum limit on each insert query of prepared statements. In order to solve this issue, parsed data is written in chunks. This value is initialized in the config file called parser.json as insert_max.

Currently, ethernet, IPv4 and TCP are the only network protocols handled.