I'd like to store packets in a database format so I can see packets using ethereal (with the needed changes to support database reading) or remove not needed packets while capturing.
Does anyone know if it's possible to store packets using tcpdump on a database (either SQL, Berkeley DB, or whatever) so I can view, and remove packets in realtime? Anyone interested? Is there a patch? - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
