I want to create a simple table (using python) in which I can store/search IP packet header fields i.e.,
source IP, Destination IP, Source Port, Destination port, count
I want to achieve the following when I get new packet header fields:
Lookup in the table to see if a packet with these fields is already added, if true then update the count.
If the packet is not already present in the table create a new entry and so on.
Through my search so far I have two options:
Create a list of dictionaries, with each dictionary having the five fields mentioned above. (Python list of dictionaries search)
Use SQLite.
I want to ask what is an optimal approach (or best option) for creating an packet/flow lookup table. The expected size of table is 100-500 entries.
You could use defaultdict(list) from collections to store your data. I assume you would want to search based on the source IP so you would keep the source IP as key.
Since you are saying that you only have a table with 100-500 entries, you could search for destination IPs also using
I do not know whether both the source IP and the destination IP would be unique in all the cases. For that, you can decided what to choose. The advantage of defaultdict(list) is that you can append things also without overwriting the previous values.
I am not sure this is exactly what you are looking for but I have tried to understand your data type according to description.
Hope that helps.