netlog 1.02  -- June 18, 1993

These directories contain a TCP and UDP traffic logging system.  These
programs are a part of the network security system used by Texas A&M
University.  It can be used for locating suspicious network traffic.
The following programs are included:

tcplogger -  Log all TCP connections on a subnet
udplogger -  Log all UDP sessions on a subnet
extract   -  Process log files created by tcplogger or udplogger

All three programs require an ANSI C compiler.  Tcplogger and
udplogger use the SunOS 4.x Network Interface Tap (nit).

To build the programs, just enter 'make'

If you are using 'gcc', do not turn on optimization for tcplogger
or udplogger.  Also, if 'fix-includes' was not run, then you must
use the '-traditional' flag.  To be safe, use it anyway.

The latest versions of these programs are available from

sc.tamu.edu:/pub/security/TAMU

* * * * * *
06/18/1993 Changes

Fixed bugs in extract dealing with dates (you couldn't specify the
last day of the month).

Added -n support to tcplogger and udplogger.  In tcplogger, udplogger
and extract, -n now disables port number name resolution as well.

tcplogger and udplogger now use the first ethernet interface on the
machine, instead of defaulting to "le0".  Thanks to Dave Hess for
sample code.

Fixed bug in extract that prevented using both "print" and "next"
on the same clause.  It was only executing the first one... (bug,
this was no bug... this was just silly... I only had it doing one
command).
