specter
version: 1.4-pre2
last modified: 12 Apr 2005
homepage: http://joker.linuxstuff.pl/specter/
specter is a userspace logging facility for Linux. It uses the netfilter
ULOG target to gather packets, and then passes them to attached
plugins. Its modular structure makes specter very flexible and robust.
It's based on ulogd, but has an improved design and wider functionality.
CONTENTS
The package consists of three parts: the core, the ulog library, and
plugins. The library takes care of kernel-process communication via a
netlink socket, the core manages all structures, and the plugins
actually interpret and store packets.
Plugins are the heart of specter. They are divided into two groups:
input and output. Plugins from the first group receive a packet and
process its contents. Output plugins use this data to take the
appropriate action (like logging, or running an application).
There's also quite verbose documentation in the doc/ subdirectory; read
it if you want to learn how to install and use specter.
REQUIREMENTS
You'll need a Linux kernel with the ipt_ULOG.o module, which has been
included since version 2.4.18-pre8. If you have an older kernel, you can
install ulog-patch from the netfilter patch-o-matic system, or simply
upgrade your kernel.
CREDITS
specter was written by Michal Kwiatkowski <ruby@joker.linuxstuff.pl>,
based on ulogd 1.02 code by Harald Welte <laforge@gnumonks.org>.
I would also like to thank the following people for their support, in
any form (comments, bug reports, ideas):
Jesper Dangaard Brouer
Robert Gogolok
Igor Iorjev
Grzegorz Bizon
Wolfram Schlich