With the MySQL version of the SQLFilter,
whole packets can be added to a database that can be queried by other users.
This is because once the packets are in the database, they can be retrieved
through an SQL query. This also makes it possible to perform string
searches on the packet contents, not just the headers.
Once the packets are in the
database, multiple users can make queries against the same database
simultaneously by using the SQLFilter Plugin.
Web Browser Access
Also available from MyPeek is software that makes it possible to easily query packet databases through
a web browser. Shown below are screenshots of the SQLFilter Web
Front-end. After supplying a query, the web front-end can
display a number of different views including Summary, Packets, Nodes,
Pairs, Ports, and Files. In Nodes, Pairs, and Ports views a row
can be selected to display the packets that represent that item.
Finally, any packet can be selected, resulting in the display of the decode
and hex for that packet. The SQLFilter web decode uses the same
decoder library and decoders used by Omni. Like in Omni, this means
you can write your own decodes. The added benefit here is that others
can see your decode through the web without having to download any dcd
The SQLFilter Web Front-end software is made of standard components like a
web server (eg Apache), html, and PHP. The result is a
very flexible and extensible multi-tier system. The diagram
below shows some of the components that make up the architecture.