{"id":13775091,"url":"https://github.com/dns-oarc/packetq","last_synced_at":"2025-12-15T21:15:10.450Z","repository":{"id":1383452,"uuid":"1338181","full_name":"DNS-OARC/PacketQ","owner":"DNS-OARC","description":"A tool that provides a basic SQL-frontend to PCAP-files","archived":false,"fork":false,"pushed_at":"2024-11-12T15:55:49.000Z","size":2185,"stargazers_count":394,"open_issues_count":12,"forks_count":57,"subscribers_count":27,"default_branch":"develop","last_synced_at":"2025-04-01T03:34:58.133Z","etag":null,"topics":["dns","pcap","sql"],"latest_commit_sha":null,"homepage":"https://www.dns-oarc.net/tools/packetq","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/DNS-OARC.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGES","contributing":null,"funding":".github/FUNDING.yml","license":"COPYING","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"custom":"https://www.dns-oarc.net/donate"}},"created_at":"2011-02-07T15:29:29.000Z","updated_at":"2025-03-22T11:16:33.000Z","dependencies_parsed_at":"2024-01-07T01:14:27.207Z","dependency_job_id":"43c5507a-8746-458a-87c0-59f66a950d81","html_url":"https://github.com/DNS-OARC/PacketQ","commit_stats":{"total_commits":204,"total_committers":19,"mean_commits":"10.736842105263158","dds":0.6715686274509804,"last_synced_commit":"740a99e6b8876a13a0e169c169f327a181cad756"},"previous_names":["dotse/packetq"],"tags_count":24,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DNS-OARC%2FPacketQ","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DNS-OARC%2FPacketQ/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DNS-OARC%2FPacketQ/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DNS-OARC%2FPacketQ/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/DNS-OARC","download_url":"https://codeload.github.com/DNS-OARC/PacketQ/tar.gz/refs/heads/develop","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247773719,"owners_count":20993639,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dns","pcap","sql"],"created_at":"2024-08-03T17:01:33.800Z","updated_at":"2025-12-15T21:15:05.394Z","avatar_url":"https://github.com/DNS-OARC.png","language":"JavaScript","funding_links":["https://www.dns-oarc.net/donate"],"categories":["\u003ca id=\"f13469c9891173804423be4403b2c4ff\"\u003e\u003c/a\u003epcap"],"sub_categories":["\u003ca id=\"eb49514924c3f4bf2acf6f3a4436af13\"\u003e\u003c/a\u003e未分类"],"readme":"# PacketQ\n\n[![Bugs](https://sonarcloud.io/api/project_badges/measure?project=dns-oarc%3APacketQ\u0026metric=bugs)](https://sonarcloud.io/summary/new_code?id=dns-oarc%3APacketQ) [![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=dns-oarc%3APacketQ\u0026metric=security_rating)](https://sonarcloud.io/summary/new_code?id=dns-oarc%3APacketQ)\n\n`packetq` is a command line tool to run SQL queries directly on PCAP files,\nthe results can be outputted as JSON (default), formatted/compact CSV and XML.\nIt also contain a very simplistic web-server in order to inspect PCAP files\nremotely. PacketQ was previously known as DNS2db but was renamed in 2011 when\nit was rebuilt and could handle protocols other than DNS among other things.\n\nMore information is provided in our [FAQ](FAQ.md), [functions](FUNCTIONS.md),\nand [fields](FIELDS.md) documentation.\n\nA short demo-video of PacketQ's capabilities is available on http://www.youtube.com/watch?v=70wJmWZE9tY\n\n## Features\n\n* Super-fast native decoding of PCAP-files (even gzipped) and dirt-quick in-memory sorting algorithms.\n* A extensible protocol decoding design with build in support for ICMP and DNS from start.\n* Support for grouping, sorting, counting and most other important SQL-functions.\n* Only dependent on zlib, no other hard-to-find libs needed. Compiles on everything.\n* Build-in web-server, JSON API and a simple JQuery-based GUI concept application with graphs.\n* Can be designed to cache queries by pre-processing PCAPs into static JSON-files that can be used to make queries again.\n* Built in DNS-resolver function (used by GUI).\n* Support for sampling. Helps when making queries to large, uniform PCAP-files.\n* Can convert flags in packet-headers to text on the fly.\n* Can make multiple queries towards the same data in memory.\n\nMore information may be found here:\n- https://www.dns-oarc.net/tools/packetq\n\nIssues should be reported here:\n- https://github.com/DNS-OARC/PacketQ/issues\n\nGeneral support and discussion:\n- Mattermost: https://chat.dns-oarc.net/community/channels/oarc-software\n\n## Dependencies\n\nPacketQ requires a couple of libraries beside a normal C++ compiling\nenvironment with autoconf, automake, libtool and pkgconfig.\n\nPacketQ has an optional dependency on the MaxMindDB library (for the\n`CC()` and `ASN()` functions).\n\nTo install the dependencies under Debian/Ubuntu:\n```\napt-get install -y zlib1g-dev libmaxminddb-dev\n```\n\nTo install the dependencies under CentOS (with EPEL/PowerTools enabled):\n```\nyum install -y zlib-devel libmaxminddb-devel\n```\n\n## Build from GitHub\n\n```\ngit clone https://github.com/DNS-OARC/PacketQ.git\ncd PacketQ\n./autogen.sh\n./configure [options]\nmake\nmake install\n```\n\n## Building from source tarball\n\nThe [source tarball from DNS-OARC](https://www.dns-oarc.net/tools/packetq)\ncomes prepared with `configure`:\n\n```\ntar zxvf packetq-version.tar.gz\ncd packetq-version\n./configure [options]\nmake\nmake install\n```\n\n## Usage example\n\nRetrieves the 10 first packets containing DNS information from the file\n`sample.pcap`:\n\n```\npacketq -s \"select * from dns limit 10\" sample.pcap\n```\n\nStarts a web-server on port 8080 (`-p8080`) as a daemon (`-d`) serving files\nfrom the directory `html/` (`-w html/`) and PCAP files from the directory\n`pcap/` (`-r pcap/`):\n\n```\npacketq -d -p8080 -w html/ -r pcap/\n```\n\n## Author(s)\n\n- Per Granå [@Per-Grana](https://github.com/Per-Grana)\n\n## Contributor(s)\n\n- Ole Laursen [@OleLaursen](https://github.com/OleLaursen)\n- Rickard Dahlstrand [@rickarddahlstrand](https://github.com/rickarddahlstrand)\n- Jerry Lundström [@jelu](https://github.com/jelu)\n- Magnus Lundén [@ripoff](https://github.com/ripoff)\n- Roger Murray [@romu42](https://github.com/romu42)\n- Henrik Levkowetz [@levkowetz](https://github.com/levkowetz)\n- Petr Špaček [@pspacek](https://github.com/pspacek)\n- Ken Renard [@kdrenard](https://github.com/kdrenard)\n\nSee also the [full list of contributors](https://github.com/DNS-OARC/PacketQ/graphs/contributors).\n\n## Copyright\n\nCopyright (c) 2017-2024 OARC, Inc.\n\nCopyright (c) 2011-2017, IIS - The Internet Foundation in Sweden\n\nAll rights reserved.\n\n```\nThis file is part of PacketQ.\n\nPacketQ is free software: you can redistribute it and/or modify\nit under the terms of the GNU General Public License as published by\nthe Free Software Foundation, either version 3 of the License, or\n(at your option) any later version.\n\nPacketQ is distributed in the hope that it will be useful,\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\nGNU General Public License for more details.\n\nYou should have received a copy of the GNU General Public License\nalong with PacketQ.  If not, see \u003chttp://www.gnu.org/licenses/\u003e.\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdns-oarc%2Fpacketq","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdns-oarc%2Fpacketq","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdns-oarc%2Fpacketq/lists"}