||OK... Here we are.
It's time to invent something interesting.
||I've register some free domain,
configure primary and
secondary DNS. It's time to bring some
http server up.
||We are working on describing major
Project Goals. Those are in VERY unofficial state, and
probably they will change.
||netraf project "web-page creating process" has been started.
From now http://netrafd.sign.a.la/ is
the official web-address of project.
||Micha? is trying to create an account and register netraf
||First steps in network programming with pcap
library in linux. It's quite easy. I'm diggin' in documentation.
some test-environments (linux 2.4.xx,
FreeBSD 5.1 with generic kernel,
wondering if some ioctl() calls will be portable
(NO :(, at least it won't be a child's play).
netraf code parts (hmm... "early stages") are
After looking at
page we have chosen
BSD License - it's short and plain.
Short introduction (and
explanation "why?") to netraf is available.
netraf project is registered at
SourceForge.net! Thus, new addresses
Project page is a little modernized (added a bit of CSS
and some cosmetic changes).
||our project page can be found via google.com since 25.03.2005!
PS: Happy Easter!!
||I'm starting work with GUI. Learning NCURSES Library from wonderful
NCURSES Programming HOWTO.
||Our second "first steps" in pcap (now it's Micha? turn to figure out how it all works),
some packets captured, now we know how this big machinery works, lots of fun with tracing packet
flow through system.
||NCURSES library is amazing,
but insufficient to build convenient User Interface. We need good thread-model; solution:
POSIX-threads specification. It's well described in Mark Mitchell's book -
"Advanced Linux Programming".
||Tons of packets captured. Work on counting packets by MAC addresses begun.
||Found some implementation of hash table, which would nicely fit into our project.
Tweaking some features, assimilation process in progress.
||We've noticed the need for some kind of communication protocol
(GUI and daemons have to communicate in some way).
|Tomek is learning all about
We will have "professional" configure script and Makefiles :).
First worth mentioning success with netrafd
part of the project: packets are flowing through machine, counters
are spinning... Looks like everything will eventually work.
||Small trip into the world of advanced linux programming.
First thoughts that tracing packets going through system might not be as easy
as it looked... Back to the drawingboard, time to refresh knowledge about packet
structure, size of particular fields in packet headers.
||Finally - we've described how netraf will be working.
We'll invite you to reading changed project goals.
Amazed by the fact that small and simple things tend to
become big and complex when they come in large numbers.
There are so many network protocols, from link layer to
session layer, and every one of them have its own header.
Great, big world of possibilities opened its gates for us,
and crushed us with endless complexity of the problem.
Another step in describing the goals of the project
helped to overcome the crisis.
||The packets from one interface are counted by MAC addresses.
Don't know why, but something is going wrong with linux pseudo interface "any"
(way to capture on all interfaces). Investigation in progress.
||Another part of code almost working, first steps to
connection logging. Connections will be remembered by two pairs (IP and PORT).
Reading about the three way handshake in TCP protocol, and trying to understand
the process of closing connection.
||Encountered another problem; this time it is about the hash
table implementation - it doesn't fit our needs. It implements
the LRU algorithm which causes it to dynamically
shift physical position of the hashes in table. So... when we have
one writer and many readers, different readers would have different
readings from the structure. What's more, even the same reader could
read some entry twice or crash when trying to read entry that is being moved.
We need a hashtable that would give some interface for readers, where
data is static.
||Shared memory model born and is described now. Mateusz starts coding it.
Can't focus on one thing, started work on counting packets
for interface statistics.
||Stopped working. Thinking and reading about interface "any"
in linux kernel. The problem is that when capturing packets from
interface "any", the source MAC is set to something like
00:00:01:00:00:06, and I don't know what to do with it - how to
recover the original source mac.
||First GUI screenshot is available! "Menu system"
based on NCURSES
is very near...
||netrafg "Menu system" is passing tests
||Working with existing netrafd code,
rewriting and optimizing functions,
commenting code, trying to figure out how to put everything together.
Working on threading, and thinking how to split code into autonomous parts.
||Shared memory model is ready to use (available in
||Rewrote parts of netrafd to use shmem.
"... I was who you are...
You will be who I am..."
I'm sure we'll meet each other again some day.
||Goodbye to pcap. Change of plans; we'll write
our own, simple library to capture packets. Why? As mentioned before, Micha? couldn't
figure out how to get machine source hardware address while listening on interface "any".
||netrafg "Menu system" is ready to use.
It is thread-safe and using
The "mycap" set of functions is ready. It presents a simple interface
similar to the one presented by pcap,
so it shouldn't be difficult to rearrange existing code to use it instead of
||Finished the MAC statistics module. Interface statistics module is also
capturing packets on all interfaces.
||Organized all netrafd functions into one interface,
allowing simple adding and managing of modules.
Using shmem made whole work much easier.
||"Literature" section added to project page.
||Interface statistics module is finished. Now it listens on all interfaces,
and counts incoming and outgoing bytes/packets. Also knows how to recognize
broadcast, multicast and loopback packets.
||We've invented Config-file module interface. Tomek is working on whole library.
Started to write parts of filtering module, which will allow us to add
user filters to packet capturing functions.
||We have moved our project page to sourceforge.net
since "a.la" domain no longer exists.
||We began working on "man" pages to netraf.
"Theory" section added. You're invited to look at
"netraf Operation Diagram".
||Tomek introduced first working version of Config-file module.
netraf Shared Memory Model,
working scheme and
"MYCAP" packet capture library articles are finally done.
There are more and more dialog boxes in netrafg
(form.h library usage).
First working version of netrafl
is ready for tests.
Interface Statistics, MAC Statistics, IP Statistics and TCP Connection
Statistics windows are done. Every window is owned by different thread, so
every change in individual netrafd
structure are visible immediately.
A major bug in shmem implementation found and fixed (Code Chunks updated).
It was mistake in deleting element from hash table.
Change of technology in configuration files, because usage of mmap
wasn't stable enough
netrafg has two "screen-savers"
(available in code chunks separately).
Configuration Files library with example is available in Code Chunks.
New articles in "Theory" section:
Working Scheme and
Configuration Files and Filters Syntax
"Documentation" section appeared.
New screenshots of
netraf finally has professional "configure" and "make" scripts!
We invite you to download first official beta of netraf project.