This is a Deep Packet Inspection (DPI) Engine - a network analysis tool that:
- Reads PCAP (packet capture) files
- Parses network packets (Ethernet, IP, TCP, UDP)
- Extracts SNI (Server Name Indication) from TLS/HTTPS connections
- Classifies applications (YouTube, Facebook, Netflix, etc.)
- Can block traffic based on rules (IP, app, domain)
- Supports multi-threaded processing for high performance
main.py- Main entry point with CLIpcap_reader.py- PCAP file reader (207 lines)packet_parser.py- Network protocol parser (237 lines)dpi_engine.py- Main DPI engine orchestrator (456 lines)dpi_types.py- Data types and structures (220 lines)sni_extractor.py- SNI extraction from TLS (280 lines)rule_manager.py- Blocking rules management (280 lines)connection_tracker.py- Connection flow trackingthread_safe_queue.py- Thread-safe queue implementationload_balancer.py- Load balancer for multi-threading
README.md- Comprehensive technical documentationWINDOWS_SETUP.md- Windows setup guide