Ip protocols logger
ippl [-hn] [-c file-name] [--help] [--nodaemon] [--config file-name]
ippl is an IP protocols logger. It logs incoming TCP connections, UDP datagrams and ICMP packets sent to a host.
ippl is based on the well-known iplogger written by Mike Edulla. The main drawback of iplogger is that it is not (easily) configurable. ippl has been written keeping in mind that it should be extremely configurable and it should be easy to extend its logging capabilities.
-c file-name, --config file-name
file-name specifies an alternate configuration file to use. By default, CONFIGURATION_FILE is used.
Print a usage message on standard output and exits successfully.
This option cause ippl not to place itself in the background. The log messages will be logged to standard output instead of using syslog.
ippl reacts to certain signal. An easy way to send it signals is to use the following command:
kill -SIGNAL `cat PID_FILE`
This causes ippl to close all the open sockets and log files, reread the configuration file and restart. Note that this signal should be sent to ippl if the log files are renamed or deleted.
ippl will cleanly die.
If ippl has been started with th -n option, it will cleanly die.
/etc/ippl.conf - configuration file /usr/share/doc/ippl/* - files worth reading if you still have a question /var/run/ippl/ippl.pid - file containing the PID of the running ippl
ippl.conf(5), RFC768, RFC791, RFC792, RFC793, RFC1413
Two mailing lists have been setup. Send an email to [email protected] to subscribe to the announcement list (ippl-announce) or to the development list (ippl).
If ippl spends too much time resolving host names, some packets may not be logged.
The logclosing option logs TCP connection terminations. However, it logs terminations initiated by both ends, which is not the expected behavior.
Please reports any bug to [email protected]