$Id: README,v 1.27 2009/03/29 19:15:44 jayrfink Exp $

README FILE FOR NETWARD
=======================

LICENSE: See COPYING in the source distribution for details.

INSTALL
-------
This is an in-development version of netward. Note the TODO file.

Building, installing and using netward is pretty simple, but there is one
prerequisite: you *must* have the pcap development libraries installed.
Otherwise the procedure is simple:

 * cd to where the sources are
 * make
 * make install
 * tweak the config file
 * start it up

Here is the short-short version:

    cd ~/netward
    make && sudo make install
    cd /usr/local/netward
    vi nw.cnf
    /usr/local/netward/netward -d

NOTE!
-----
DO read the configuration file in detail - it explains how to build filter
recipes and also that polls/interval is something you may have to play
around with.

Do note that you can run netward from the command line in verbose mode to
observe its behavior, which might aid in tweaking some of the filters and
timers - in the following example we watch ports 2-1024 except 22 and not
our local IP of 192.168.1.3 *as a source* using eth2 as the NIC with 4 polls
every 16 seconds:

    netward -v -i eth0 -p 4 -i 16 portrange 2-1024 and not port 22 \
        and not src host 192.168.1.3

WARNING: This will work fine in production but netward is very much a work
in progress: DO expect changes to options, DO expect changes to output and
DO expect breakage. Otherwise - enjoy.

Comments and feedback are welcome and should be sent to:

    jay.fink@gmail.com