packetq is a command line tool to run SQL queries directly on PCAP files, the results can be outputted as JSON (default), formatted/compact CSV and XML. It also contain a very simplistic web-server in order to inspect PCAP files remotely. PacketQ was previously known as DNS2db but was renamed in 2011 when it was rebuilt and could handle protocols other than DNS among other things.
More information is provided in our README, FAQ, functions, and fields documentation.
A short demo-video of PacketQ's capabilities is available on http://www.youtube.com/watch?v=70wJmWZE9tY
Packages for Debian, Ubuntu and RPM (CentOS, Fedora, RHEL, SLE and openSUSE) can be found here: https://dev.dns-oarc.net/packages/
Here are the releases of PacketQ with the latest at the top, read about the changes in the changelog.
|packetq-1.7.1.tar.gz||June 2, 2022||940K|
|packetq-1.7.0.tar.gz||April 13, 2022||939K|
|packetq-1.6.0.tar.gz||March 10, 2022||933K|
|packetq-1.5.0.tar.gz||November 5, 2021||927K|
|packetq-1.4.3.tar.gz||Oct 23, 2020||925K|
|packetq-1.4.2.tar.gz||Mar 2, 2020||917K|
|packetq-1.4.1.tar.gz||Nov 9, 2017||917K|
|packetq-1.4.0.tar.gz||Jul 11, 2017||914K|
|packetq-1.3.1.tar.gz||Jun 02, 2017||913K|
|packetq-1.3.0.tar.gz||May 23, 2017||912K|
See sha256.txt or sha512.txt for checksums.
The software is licensed under the GNU General Public License v3.
You can clone the code repositories from GitHub:
$ git clone https://github.com/DNS-OARC/PacketQ.git