Diffstat (limited to 'old/glougloud/README.txt')
-rw-r--r-- old/glougloud/README.txt 51
1 files changed, 51 insertions, 0 deletions
diff --git a/old/glougloud/README.txt b/old/glougloud/README.txt
new file mode 100644
index 0000000..8a8c702
--- /dev/null
+++ b/old/glougloud/README.txt
@@ -0,0 +1,51 @@
+glougloud - glouglou daemon, for network traffic visualisation in real time
+
+
+=== Requirements ===
+
+* libglouglou
+
+Known to work on OpenBSD 5.1 and Linux 3.4
+
+
+=== Installation ===
+
+git clone git@meg:glouglou
+
+sudo useradd -d /var/empty/ -s /sbin/nologin _glougloud
+
+
+=== Usage ===
+
+* Run the daemon
+
+cd glouglou/glougloud/
+sudo ./glougloud
+
+It logs to /var/log/glougloud.
+For the moment it monitors lo0 interface.
+
+* Connect to the daemon
+
+nc -vvv -u 127.0.0.1 4430 |hexdump -C
+
+You get informations of traffic flowing on the monitored interface.
+
+
+=== Notes on architecture and security ===
+
+glougloud is architectured in 3 processes:
+ * main process, runs as root, opens the capture interfaces with
+libpcap and resolves DNS names
+ * server process, runs as _glougloud user and chrooted in _glougloud
+home, listens and accepts or refuses clients connections
+ * user process, runs as _glougloud user and chrooted in _glougloud
+home, parses the captured network traffic and sends a summary to the
+connected clients
+
+The 3 processes exchanges messages througt messages, with OpenBSD imsg
+framework.
+
+Note that glougloud activates extra protections on pcap capture only
+on OpenBSD by reimplementing some of libpcap functions, see
+glougloud.c my_pcap_open_live()
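Review bot: In "Notes on architecture and security", the closing paragraph says the extra pcap capture protections are active only on OpenBSD, while Requirements lists Linux 3.4 as known to work; the README should name what my_pcap_open_live() adds and state plainly that Linux builds capture without it, so an operator knows what the root main process is exposed to on that platform. The same section places DNS resolution in the main process that runs as root; a sentence explaining why it stays there rather than in one of the chrooted _glougloud processes would make the privilege split easier to evaluate. The server process is described as one that "listens and accepts or refuses clients connections", but neither this section nor Usage says which address it binds to or on what basis a client is refused, and the `nc -vvv -u 127.0.0.1 4430` example is the only hint. In Installation, `git clone git@meg:glouglou` uses a host alias that will not resolve for other readers, and there is no build step between the clone and `sudo ./glougloud`. Wording: "exchanges messages througt messages" should read "exchange messages through", and "informations" should be "information".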