<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD>
<TITLE>The KSnuffle Manual: Introduction</TITLE>
</HEAD>
<BODY TEXT="#000000" BGCOLOR="#FFFFFF" LINK="#AA0000">
<FONT FACE="Helvetica">
<A HREF="http://www.kde.org/"><IMG SRC="logotp3.gif" ALT="The K Desktop Environment" BORDER=0 ></A>
<HR WIDTH="100%" SIZE=2 ALIGN="CENTER" NOSHADE>
<DIV ALIGN=right>
<A HREF="index-2.html">Next</A> Previous<A HREF="index.html#toc1">Table of Contents</A>
</DIV>
<BR>
<H3>
1. Introduction
</H3>
This is release 2.2 of KSnuffle. KSnuffle is a network
traffic monitor for the KDE desktop. It basically works; it does not,
so far as I know, crash, but:
<UL>
<LI>
Network packet decoding is rather restricted at present. It only
really handles TCP/IP and UDP/IP, but even this is not
complete and may contain errors. I have used the code in
<I>tcpdump</I> as a base, but it is not very clear (at least, to
me!). My book on IP protocols may be more forthcoming!
</LI>
<LI>
Currently, a limited number of datalink layers are understood,
including EtherNet, PPP and loopback; basically, these are the ones
that I have access to. Others may or may not work.
</LI>
</UL>
Please note that all ilustrations in this manual show version 2.1,
however there are no changes at the GUI level from version 2.1.
<H3>
<A NAME="ss1.1"></A>1.1 Features
</H3>
Some of KSnuffle's features include:
<UL>
<LI>Basic filtering and packet selection via the GUI</LI>
<LI>Advanced filtering and packet selection via filterprograms</LI>
<LI>Multiple concurrent monitors</LI>
<LI>Remote sniffing via a remote server process</LI>
<LI>Protocol structure display to application level</LI>
<LI>TCP data stream display</LI>
<LI>Text and binary logging, plus replay of binary log files</LI>
<LI>Textual display of network traffic</LI>
<LI>Network load histograms and time-averaged load display</LI>
<LI>Parallel display of multiple load histograms</LI>
<LI>Start and stop triggers</LI>
<LI>Command execution on specific events</LI>
<LI>Save and restored filter and packet selection configurations</LI>
<LI>Support for use by selected non-root users</LI>
</UL>
KSnuffle uses packet filter descriptions exactly as for
<A HREF="man:tcpdump(8)">tcpdump(8)</A>. Please see the manual pages
for this utility for further details.
<BR><A NAME="caveat"></A>
<H3>
<A NAME="ss1.2"></A>1.2 Caveats
</H3>
Please see the <A HREF="index-7.html">caveats</A> page.
<H3>
<A NAME="ss1.3"></A>1.3 Changes
</H3>
<UL>
<LI>Changes from 0.2 to 0.3
<UL>
<LI>Window is resizable</LI>
<LI>General configuration and filters on separate pages</LI>
<LI>Remote sniffing</LI>
<LI>Event Commands</LI>
</UL>
</LI>
<LI>Changes from 0.3 to 0.4
<UL>
<LI>TCP/IP information is decoded</LI>
<LI>Font selection for packet display</LI>
<LI>Packet display column widths saved</LI>
<LI>Filter programs saved</LI>
<LI>Whopping security hole fixed</LI>
</UL>
</LI>
<LI>Changes from 0.4 to 0.5
<UL>
<LI>Ksnuffle no longer forks for each sniffers</LI>
<LI>Multiple sniffers share same libpcap object for same interface</LI>
<LI>Dynamically loaded plugin modules</LI>
</UL>
</LI>
<LI>Changes from 0.5 to 0.6
<UL>
<LI>Packet protocol structure display</LI>
<LI>TCP data stream display</LI>
</UL>
</LI>
<LI>Changes from 0.6 to 0.7
<UL>
<LI>Build with gcc 2.95 on Mandrake 7.0</LI>
</UL>
</LI>
<LI>Changes from 0.7 to 0.8
<UL>
<LI>Minor bug fixes</LI>
<LI>TCP/IP monitor plugin</LI>
</UL>
</LI>
<LI>Changes from 0.8 to 2.0
<UL>
<LI>First port to Kde2/Qt2.2</LI>
</UL>
</LI>
<LI>Changes from 2.0 to 2.1
<UL>
<LI>Show MAC addresses</LI>
<LI>Fix for starting/stopping sniffers on the same port</LI>
</UL>
</LI>
<LI>Changes from 2.1 to 2.2
<UL>
<LI>Setuid-root and non-root operation changes</LI>
</UL>
</LI>
</UL>
<DIV ALIGN=right>
<A HREF="index-2.html">Next</A> Previous<A HREF="index.html#toc1">Table of Contents</A>
</DIV>
<CENTER>
<HR WIDTH="100%" SIZE=3 ALIGN=CENTER NOSHADE>
</CENTER>
</BODY>
</HTML>
distrib
>
Mandriva
>
8.2
>
i586
>
media
>
contrib
>
by-pkgid
>
07e50cafac9da67d9e9336db4030817a
>
files
>
74
