I recently wrote
caronte, a platform for network flow analysis. Its purpose is to reconstruct the flow of TCP connections to detect patterns and to display their contents. The platform is able to analyze high network traffic in real time, and store the extracted information in an efficient data structure in order to be searched. The project is open source and is released under the GPL-3.0 license.