***

README DOCUMENT FOR IPTRAF 2.0

IMPORTANT: READ THE SECTION BELOW ON SYSTEM REQUIREMENTS

***

DESCRIPTION

IPTraf is a console-based network monitoring program for Linux that
displays information about IP traffic.  It returns such information as:

	Current TCP connections
	UDP, ICMP, OSPF, and other types of IP packets
	Packet and byte counts on TCP connections
	IP, TCP, UDP, ICMP, non-IP, and other packet and byte counts
	TCP/UDP counts by ports
	Packet counts by packet sizes
	Packet and byte counts by IP address
	Interface activity
	Flag statuses on TCP packets
	LAN station statistics
	
This program can be used to determine the type of traffic on your network,
and what kind of service is the most heavily used on what machines, among
others.

IPTraf works on Ethernet, FDDI, ISDN, PLIP, and SLIP/PPP interfaces.

The IPTraf Web page is at http://cebu.mozcom.com/riker/iptraf

DISTRIBUTION NOTICE

This is the general release of IPTraf.  IPTraf has been incorporated into
the Debian GNU/Linux and S.u.S.E. distributions, as well as the Trinux
security toolkit distribution.

Linux distributions may have tailored the IPTraf package to suit their
purposes.  Direct questions, comments or inquiries about a
distribution-specific package to its maintainer.

NEW SYSTEM REQUIREMENTS

IPTraf 2 requires Linux 2.2.  It now uses the new PF_PACKET socket family
as its capture mechanism.  This feature is new to the 2.2 kernel.  IPTraf
1.4 will still work with kernel 2.2 with no problems, except for a warning
message in the syslog indicating the use of the obsolete AF_INET,
SOCK_PACKET mechanism.  Make sure you have the Packet Socket driver
compiled in or installed as a module, or IPTraf will fail.

Use of the latest glibc 2.x is also recommended.

IPTraf 1.4 will still run on the new Linux 2.2 kernel, but you'll receive
an complaint in the system log file telling you an obsolete function is
being used.  It can be safely ignored.

WHERE IS IT NOW?

IPTraf 2 has a reorganized menu structure.  A new facility has been
added, and some statistical pieces have been moved.  The TCP/UDP service
monitor has been moved to Statistical breakdowns/By TCP/UDP port.  The
packet size distribution has also been moved from the detailed interface
statistics screen to a facility of its own; select Statistical
breakdowns/By packet size.  The Statistical breakdowns/By IP address
screen shows similar counts by IP address.