pdumpq facilitates a pcap Dump suitable for Linux/Netfilter QUEUE.
Once those packets are in a file, you can easily use popular decoders like tcpdump, ethereal, and snort to read them. pdumpq also lets you pipe the packets directly to these decoders so you can view the contents of the packets as they come in.
One particularly useful feature of pdumpq is its ability to help populate your snort alert database with iptables data. This can save a lot of time and effort when setting up your security measures.
Other noteworthy features of pdumpq include automatic dumpfile rotation, advanced filtering options based on firewall marks, and the option to receive email notifications of decoded packet dumps. Overall, this is a solid piece of software for anyone in need of a reliable pcap dump tool.
Version 0.2.1: N/A