[BACK]Return to README CVS log [TXT] [DIR] Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / trafshow
File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / trafshow / README
Revision 1.1.1.1 (vendor branch): download - view: text, annotated - select for diffs - revision graph
Tue Feb 21 16:55:18 2012 UTC (12 years, 4 months ago) by misho
Branches: trafshow, MAIN
CVS tags: v5_2_3p0, v5_2_3, HEAD
trafshow

    1: 
    2: 			Trafshow Version 5.
    3: 
    4: This directory contains trafshow source code, a tool for real-time network
    5: traffic visualization.
    6: 
    7: Brief description
    8: -----------------
    9: 
   10: Trafshow is a simple interactive program that gather the network traffic
   11: from all libpcap-capable interfaces to accumulate it in memory cache, and
   12: then separately display it on appropriated curses window in line-narrowed
   13: manner as a list of network flows sorted by throughput. Display updates
   14: occurs nearly in real time, asynchronously from data collecting. It look
   15: like a live show of traffic flows. Any kind of network traffic are mixed
   16: together in the one live-show screen, an Ethernet, IP, etc.
   17: 
   18: The IP traffic can be aggregated by netmask prefix bits and service ports
   19: to reorganize a heap of trivial flows into the treelike hierarchies suitable
   20: for human perception. The user can glance over the list of resulting flows
   21: and select at their to browse detail. So you can deepen into the traffic
   22: inheritance hierarchy and inspect the packets of each trivial flow in variety
   23: of presentations: raw-hex, ascii, time-stamp.
   24: The program make aggregation automatically when number of flows will exceed
   25: some reasonable amount. Just a few seconds after launch may be required for
   26: adaptation to your volume of traffic.
   27: 
   28: Trafshow also listens on UDP port (as a server) for diverse feeders of Cisco
   29: Netflow and then separately display the collected data in the same manner as
   30: described above. The following versions of Netflow are currently supported:
   31: V1, V5, V7.
   32: 
   33: Usage
   34: -----
   35: 
   36: This program may be found wonderful at lest to locate suspicious traffic on
   37: the net very quickly on demand, or to evaluate real-time traffic bandwidth
   38: utilization, in a simplest and convenient environment. But it is not intended
   39: for collecting and analysis of the network traffic for a long period of time,
   40: nor for billing!
   41: 
   42: The program pretend to be IPv6 compatible and ready to using, but it is not
   43: tested enough. You can define INET6 to do so.
   44: 
   45: Please see trafshow(1) man page for further information.
   46: 
   47: Requirements
   48: ------------
   49: 
   50: Now trafshow is a multi-threaded application, therefore your system MUST
   51: support POSIX threads. In other words if your system does not support POSIX
   52: threads you cannot compile and use this program. Hopefully, the almost all
   53: of modern operating systems has support it by default (leastwise last years).
   54: 
   55: Trafshow use the libpcap to gather network traffic, a system-independent
   56: interface for user-level packet capture. Note that most systems ship libpcap,
   57: but usually an older version. The minumum required version is 0.7, newest
   58: always preferred. The original distribution of the library is located at
   59: http://www.tcpdump.org.
   60: 
   61: Trafshow can use variouse curses libraries, a terminal-independent set of
   62: screen functions with optimal cursor motion. Currently trafshow can be
   63: compiled with any curses library, but not all of them work with color
   64: functions properly. Slang or Ncurses is preferred because it right supports
   65: color. Note that most systems ship ncurses, that will be enough.
   66: 
   67: Once libpcap and libncurses is built and installed, you can build trafshow
   68: using the procedure in the INSTALL file.
   69: 
   70: Distribution and support
   71: ------------------------
   72: 
   73: Because the program is freely distributed software it can be found around
   74: of world with or without modifications. The original distribution of the
   75: program is available at ftp://ftp.nsk.su/pub/RinetSoft/trafshow-X.Y.tgz,
   76: where X is a main version and Y is a current release.
   77: 
   78: There is no special support available right now.
   79: Problems, bugs, questions, desirable enhancements, etc., should be sent to
   80: the e-mail address trafshow@risp.ru.
   81: 
   82: Please see trafshow(1) man page for the authors and acknowledgements.
   83: 
   84: License
   85: -------
   86: 
   87: Redistribution and use in source and binary forms, with or without
   88: modification, are permitted provided that the following conditions are met:
   89: 
   90: 1. Redistributions of source code must retain the above copyright notice,
   91:    this list of conditions and the following disclaimer.
   92: 2. Redistributions in binary form must reproduce the above copyright notice,
   93:    this list of conditions and the following disclaimer in the documentation
   94:    and/or other materials provided with the distribution.
   95: 3. The names of the authors may not be used to endorse or promote products
   96:    derived from this software without specific prior written permission.
   97: 
   98: THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
   99: WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
  100: MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  101:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>