netraf
A Network Analyzer and Traffic Logger.


netrafg User's Manual


About This Document

    This document is the User's Manual for netrafg version 0.01[preAlpha27]. It documents the features of the program and gives instructions for its use.


Additional Information

    See the included README file for summarized and late-breaking information. The ChangeLog file contains a record of the changes made to the software (the whole netraf project, and in particular the netrafg part of it) since the netraf 0.1 Beta version.


Introduction

    netrafg is an integral part of the netraf project. It is a multithreaded front-end GUI to the netrafd logging daemon, showing information gathered from intercepted packets. This information includes:

  • Interface Statistics:

    IfStat

    • amount of data (In/Out) in kB,
    • count of transferred packets and IP packets (In/Out),
    • count of transferred Broadcast, Multicast, "routed-through", TCP, UDP and ICMP packets,
    • transfer rates in kB/s and packets/s (In/Out),


  • MAC Statistics:

    MACStat

    • amount of data (In/Out) in kB,
    • count of transferred packets and IP packets (In/Out),
    • transfer rates in kB/s and packets/s (In/Out),


  • IP Statistics:

    IPStat

    • amount of data (In/Out) in kB,
    • count of transferred IP packets (In/Out),
    • transfer rates in kB/s and packets/s (In/Out),


  • TCP Connection Statistics:

    ConnStat

    • amount of data (DOWN and UP) in bytes per TCP connection,
    • count of transferred IP packets per connection,
    • average data rates for the chosen connection,



Installation and System Requirements

    netrafg is available in the netraf package. The program requires the following to run:

  • i386 or later CPU (Pentium-class machines recommended),
  • 16MB of physical RAM or higher. 32MB virtual memory recommended,
  • high-speed terminal,
  • Linux 2.4.xx kernel (in fact nothing prevents netrafg from running on other X/Open Specification compatible (UNIX) systems, but there is no point unless netrafd is ported to non-Linux systems),
  • gcc version 3.3.3 or later,
  • Shared C, NCURSES, panel, form and menu libraries,
  • POSIX-threads specification compatible library (we're using LinuxThreads implementation),

Starting netrafg

    After installation you can start the program by entering netrafg at the shell prompt. Note that netrafd has to be started BEFORE netrafg. If everything went OK you will see the program desktop. It consists of a menu-bar (top of the screen), space for windows and a status-bar (bottom of the screen). All major functions of the program can be found in the main-menu (key F9). The status bar always contains help for key-bindings or a short description (for menu-options).


Creating new writer

    To create a new writer, netrafg has to be run with root privileges. When the sub-menu "New..." from the "Function" menu is chosen, the "Choose writer type" window will appear. Using the cursor-keys, choose the writer type you want and press [enter] to select it. Depending on your selection, one of the following windows will appear:

  • Create new Interface statistics writer,
  • Create new MAC statistics writer,
  • Create new IP statistics writer,
  • Create new Connection statistics writer,

Basically, in each of the above windows the user can set the "Writer name", assign a Filter, and set logging options. Due to the current netrafl status, logging options are available only to "Interface statistics writers" and "MAC statistics writers". The meaning of the individual fields in the "Logging Options" window is described in the netrafl Working Scheme. The meaning of the "Cleanup" field in "IP statistics writer" and the "Inactivity" field in "Connection statistics writer" is described in the netrafd.conf manual page.


Opening previously created writer

    To open a writer of a specified type, simply choose the appropriate sub-menu from the "Function" menu. After selection, a window with all user-defined writers will appear. Choose the writer you want to look at, and press [enter] to select it.


Closing writer

    To close a writer, press [esc] in the active window.


Deleting (stopping) writer

    To delete a writer, netrafg has to be run with root privileges. The operation is quite simple. Open the writer you want to stop, and press the [delete] button. The program asks you for confirmation and then deletes the writer.


Managing filters

    Adding, editing and deleting filters can be done via the main-menu "Filter" item functions. The meaning of the individual fields is described in the filters.conf manual.


M.S.



Copyright © 2005, M.K., T.J., M.S.
netraf is Open Source software, distributed under the terms of the New BSD License.