SYNOPSIS

ippl [-hn] [-c file-name] [--help] [--nodaemon] [--config file-name]

DESCRIPTION

ippl is an IP protocols logger. It logs incoming TCP connections, UDP datagrams and ICMP packets sent to a host.

ippl is based on the well-known iplogger written by Mike Edulla. The main drawback of iplogger is that it is not (easily) configurable. ippl has been written keeping in mind that it should be extremely configurable and it should be easy to extend its logging capabilities.

OPTIONS

-c file-name, --config file-name

file-name specifies an alternate configuration file to use. By default, CONFIGURATION_FILE is used.

-h, --help

Print a usage message on standard output and exits successfully.

-n, --nodaemon

This option cause ippl not to place itself in the background. The log messages will be logged to standard output instead of using syslog.

SIGNALS

ippl reacts to certain signal. An easy way to send it signals is to use the following command:

           kill -SIGNAL `cat PID_FILE`

SIGHUP

This causes ippl to close all the open sockets and log files, reread the configuration file and restart. Note that this signal should be sent to ippl if the log files are renamed or deleted.

SIGTERM

ippl will cleanly die.

SIGINT

If ippl has been started with th -n option, it will cleanly die.

FILES

/etc/ippl.conf - configuration file /usr/share/doc/ippl/* - files worth reading if you still have a question /var/run/ippl/ippl.pid - file containing the PID of the running ippl

RELATED TO ippl…

ippl.conf(5), RFC768, RFC791, RFC792, RFC793, RFC1413

AUTHORS

Hugo Haas ([email protected]) Etienne Bernard ([email protected])

Information about ippl development can be found at http://larve.net/ippl/.

New stable releases can be dowloaded via FTP on sunsite.unc.edu in /pub/Linux/system/network/daemons.

MAILING LISTS

Two mailing lists have been setup. Send an email to [email protected] to subscribe to the announcement list (ippl-announce) or to the development list (ippl).

BUGS

If ippl spends too much time resolving host names, some packets may not be logged.

The logclosing option logs TCP connection terminations. However, it logs terminations initiated by both ends, which is not the expected behavior.

Please reports any bug to [email protected]