From 28be443a3db40cd9303a0c573e6d027c2a39124a Mon Sep 17 00:00:00 2001 From: Laurent Ghigonis Date: Wed, 5 Jun 2013 02:22:58 +0200 Subject: glougloud: fix usage --- glougloud/glougloud.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/glougloud/glougloud.c b/glougloud/glougloud.c index 2a87492..f30379e 100644 --- a/glougloud/glougloud.c +++ b/glougloud/glougloud.c @@ -37,7 +37,7 @@ usage(void) { extern char *__progname; - fprintf(stderr, "usage: %s [-hi]\n", __progname); + fprintf(stderr, "usage: %s [-hv]\n", __progname); exit(1); } -- cgit v1.2.3-59-g8ed1b From 5469847bdd7d49c9777c9333bf61bcf93a46669a Mon Sep 17 00:00:00 2001 From: Laurent Ghigonis Date: Wed, 5 Jun 2013 02:42:18 +0200 Subject: add wrapper script to visualize network activity on local machine --- gg_sniff/localviz.sh | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100755 gg_sniff/localviz.sh diff --git a/gg_sniff/localviz.sh b/gg_sniff/localviz.sh new file mode 100755 index 0000000..39d8a44 --- /dev/null +++ b/gg_sniff/localviz.sh @@ -0,0 +1,21 @@ +#!/bin/sh + +# Wrapper script to visualize network activity on local machine + +glougloud=`which glougloud` +gg_sniff=`which gg_sniff` +gg_map=`which gg_map` +iface=${1-"eth0"} + +if [ -z "$glougloud" -o -z "$gg_sniff" -o -z "$gg_map" ]; then + echo "instalation incomplete (glougloud, gg_sniff, gg_map)" + exit 1 +fi + +tmux start \;\ + new-session -d -s glouglou \;\ + neww -n "glougloud" "sudo $glougloud -v; bash" \;\ + neww -n "gg_sniff" "sudo $gg_sniff -v -i $iface" \;\ + neww -n "gg_map" "gg_map" \;\ + attach-session -t glouglou + -- cgit v1.2.3-59-g8ed1b From 4cfef96999ee7476be19b0ddac9e7d7c724bb379 Mon Sep 17 00:00:00 2001 From: Laurent Ghigonis Date: Wed, 5 Jun 2013 03:01:06 +0200 Subject: localviz: prefer programs from PWD --- gg_sniff/localviz.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/gg_sniff/localviz.sh b/gg_sniff/localviz.sh index 39d8a44..75d9cdd 100755 --- a/gg_sniff/localviz.sh 
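Review bot: In the `neww -n "gg_sniff"` line of the new localviz.sh, `$iface` comes straight from `$1` and is expanded inside the command string that tmux hands to a shell, so an argument containing spaces or shell metacharacters becomes extra command text on a line that starts with `sudo`. Check the value before building the tmux command, for example `case "$iface" in *[!A-Za-z0-9._:-]*) echo "invalid interface: $iface" >&2; exit 1;; esac`. The last window also runs the bare `gg_map` rather than the `$gg_map` path that was resolved and tested above. The same lines are re-added as gg_map/glouglou_localsniff.sh by a later commit on this page.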
+++ b/gg_sniff/localviz.sh @@ -2,6 +2,8 @@ # Wrapper script to visualize network activity on local machine +PATH="./:$PATH" # for pkg + glougloud=`which glougloud` gg_sniff=`which gg_sniff` gg_map=`which gg_map` -- cgit v1.2.3-59-g8ed1b From cf7b74d62150371dfbd075240bb708d177e65c77 Mon Sep 17 00:00:00 2001 From: Laurent Ghigonis Date: Wed, 5 Jun 2013 03:01:53 +0200 Subject: add main build Makefile --- Makefile | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 Makefile diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..babef8d --- /dev/null +++ b/Makefile @@ -0,0 +1,23 @@ +LIB = libglouglou +DAEMON = glougloud +PROBES = gg_sniff gg_trackproc +CLI = gg_map +DIRS = $(LIB) $(DAEMON) $(PROBES) $(CLI) + +all: + -for d in $(DIRS); do (cd $$d; make); done + +clean: + -for d in $(DIRS); do (cd $$d; make clean); done + +install: + -for d in $(DIRS); do (cd $$d; make install); done + +pkg: + mkdir pkg + cp libglouglou/libglouglou.so \ + glougloud/glougloud \ + gg_sniff/gg_sniff gg_sniff/localviz.sh \ + gg_trackproc/gg_trackproc \ + gg_map/gg_map \ + pkg -- cgit v1.2.3-59-g8ed1b From d5d6b5f3ff56405cda7e5ebef5b59a1a9f9e3f15 Mon Sep 17 00:00:00 2001 From: Laurent Ghigonis Date: Wed, 5 Jun 2013 03:03:32 +0200 Subject: make pkg build .tgz --- Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/Makefile b/Makefile index babef8d..d6257ba 100644 --- a/Makefile +++ b/Makefile @@ -21,3 +21,4 @@ pkg: gg_trackproc/gg_trackproc \ gg_map/gg_map \ pkg + tar -czf pkg.tgz pkg -- cgit v1.2.3-59-g8ed1b From a8ab84a6a4537ba02e07100d44257b49a330c61e Mon Sep 17 00:00:00 2001 From: Laurent Ghigonis Date: Wed, 5 Jun 2013 09:00:46 +0200 Subject: glougloud: option to specify listen interfaces / ports --- glougloud/glougloud.c | 24 ++++++++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) diff --git a/glougloud/glougloud.c b/glougloud/glougloud.c index f30379e..d6ca4b1 100644 --- a/glougloud/glougloud.c +++ b/glougloud/glougloud.c 
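Review bot: `PATH="./:$PATH"` makes the following `which` calls prefer any `glougloud` or `gg_sniff` file in the current working directory, and the script then runs the resolved paths through `sudo`. That is harmless inside an unpacked package directory, but a later commit on this page installs the wrapper into `$(BINDIR)`, where it can be started from any directory, including one that other users can write to. Prefer the script's own directory over the working directory, e.g. `dir=$(dirname "$0")` followed by `[ -x "$dir/glougloud" ] && PATH="$dir:$PATH"`.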
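Review bot: The `all`, `clean` and `install` recipes in the new top-level Makefile start with `-` and the loop never exits on error, so a sub-directory that fails to build is ignored and `pkg` can then archive stale binaries from an earlier build. Calling `make` directly instead of `$(MAKE)` also drops the parent's flags and jobserver. A stricter form of the loop is `for d in $(DIRS); do $(MAKE) -C $$d || exit 1; done`, with `clean` or `install` added as the target where needed.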
@@ -37,7 +37,7 @@ usage(void) { extern char *__progname; - fprintf(stderr, "usage: %s [-hv]\n", __progname); + fprintf(stderr, "usage: %s [-hlLpPv]\n", __progname); exit(1); } @@ -53,14 +53,30 @@ int main(int argc, char **argv) { struct event *ev_sigint, *ev_sigterm, *ev_sigchld, *ev_sighup; + char probes_ip[30] = "127.0.0.1"; + char analysers_ip[30] = "127.0.0.1"; + int probes_port = GLOUGLOU_PROBE_DEFAULT_PORT; + int analysers_port = GLOUGLOU_ANALY_DEFAULT_PORT; int loglevel = 0; int op; - while ((op = getopt(argc, argv, "hv")) != -1) { + while ((op = getopt(argc, argv, "hl:L:p:P:v")) != -1) { switch (op) { case 'h': usage(); /* NOTREACHED */ + case 'l': + strncpy(probes_ip, optarg, sizeof(probes_ip)); + break; + case 'L': + strncpy(analysers_ip, optarg, sizeof(analysers_ip)); + break; + case 'p': + probes_port = atoi(optarg); + break; + case 'P': + analysers_port = atoi(optarg); + break; case 'v': loglevel++; break; @@ -89,9 +105,9 @@ main(int argc, char **argv) evsignal_add(ev_sighup, NULL); signal(SIGPIPE, SIG_IGN); - ggserv_probes = gg_server_start(ev_base, "127.0.0.1", GLOUGLOU_PROBE_DEFAULT_PORT, + ggserv_probes = gg_server_start(ev_base, probes_ip, probes_port, prb_handle_conn, prb_handle_packet, NULL); - ggserv_analysers = gg_server_start(ev_base, "127.0.0.1", GLOUGLOU_ANALY_DEFAULT_PORT, + ggserv_analysers = gg_server_start(ev_base, analysers_ip, analysers_port, cli_handle_conn, cli_handle_packet, NULL); event_base_dispatch(ev_base); -- cgit v1.2.3-59-g8ed1b From 1370b225cc802fd41167238291d19c84f9ea0ced Mon Sep 17 00:00:00 2001 From: Laurent Ghigonis Date: Wed, 5 Jun 2013 09:01:25 +0200 Subject: gg_map: option to specify glougloud server ip / port --- gg_map/gg_map.c | 42 +++++++++++++++++++++++++++++++++++++++++- 1 file changed, 41 insertions(+), 1 deletion(-) diff --git a/gg_map/gg_map.c b/gg_map/gg_map.c index dda280c..9809977 100644 --- a/gg_map/gg_map.c +++ b/gg_map/gg_map.c 
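Review bot: In the `-l` and `-L` cases, `strncpy(probes_ip, optarg, sizeof(probes_ip))` leaves the 30-byte buffer without a terminating NUL when the argument is 30 characters or longer, and the buffer is then passed to `gg_server_start` as a string. Reject over-long input before the copy, e.g. `if (strlen(optarg) >= sizeof(probes_ip)) usage();`, and do the same for `analysers_ip`. `atoi` for `-p` and `-P` also accepts non-numeric text and values outside 1-65535 without reporting an error; `strtol` with an end-pointer and a range check would reject them. The body of `main` continues outside the hunk.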
@@ -13,6 +13,19 @@ Evas_Object *_egraph = NULL; struct ggnet *_ggnet; struct event_base *_ev_base; +#if defined(__OpenBSD__) +void __dead +#else +void +#endif +usage(void) +{ + extern char *__progname; + + fprintf(stderr, "usage: %s [-hv] [ip [port]]\n", __progname); + exit(1); +} + /* link between ecore loop and libevent loop */ static Eina_Bool _cb_ecore_libevent(void *data) { @@ -333,7 +346,34 @@ elm_main(int argc, char **argv) Evas_Object *bx, *bx2, *ck, *sc, *seg_it, *lb; Evas *evas; struct gg_client *ggcli; + char gg_serv_ip[30] = "127.0.0.1"; + int gg_serv_port = GLOUGLOU_ANALY_DEFAULT_PORT; int retval = -1; + int loglevel = 0; + int op; + + while ((op = getopt(argc, argv, "hv")) != -1) { + switch (op) { + case 'h': + usage(); + /* NOTREACHED */ + case 'v': + loglevel++; + break; + default: + usage(); + /* NOTREACHED */ + } + } + switch (argc - optind) { + case 2: gg_serv_port = atoi(argv[3]); + case 1: strncpy(gg_serv_ip, argv[2], sizeof(gg_serv_ip)); + case 0: + break; + default: + usage(); + /* NOTREACHED */ + } win = elm_win_add(NULL, "panes", ELM_WIN_BASIC); evas = evas_object_evas_get(win); @@ -437,7 +477,7 @@ elm_main(int argc, char **argv) _cb_ggnet_addgroup, _cb_ggnet_delgroup); _ev_base = event_base_new(); - ggcli = gg_client_connect(_ev_base, "127.0.0.1", GLOUGLOU_ANALY_DEFAULT_PORT, + ggcli = gg_client_connect(_ev_base, gg_serv_ip, gg_serv_port, NULL, _cb_packet, NULL); if (!ggcli) goto quit; -- cgit v1.2.3-59-g8ed1b From 08a59db8a54bcdeb6430584b26e54adb1766e0eb Mon Sep 17 00:00:00 2001 From: Laurent Ghigonis Date: Wed, 5 Jun 2013 09:10:04 +0200 Subject: glouglou_localsniff: move to gg_map --- gg_map/glouglou_localsniff.sh | 23 +++++++++++++++++++++++ gg_sniff/localviz.sh | 23 ----------------------- 2 files changed, 23 insertions(+), 23 deletions(-) create mode 100755 gg_map/glouglou_localsniff.sh delete mode 100755 gg_sniff/localviz.sh 
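Review bot: The positional arguments in `elm_main` are read from fixed indexes `argv[2]` and `argv[3]` instead of relative to `optind`, so `gg_map 10.0.0.1` (no options, `argc - optind == 1`) passes `argv[2]`, which is the NULL terminator of `argv`, to `strncpy`. The lines should read `case 2: gg_serv_port = atoi(argv[optind+1]);` and `case 1: strncpy(gg_serv_ip, argv[optind], sizeof(gg_serv_ip) - 1);`, where the `- 1` keeps the zero-initialised last byte as the terminator. A later commit on this page makes the same index change in gg_sniff.c but not here. `elm_main` continues outside the hunk.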
diff --git a/gg_map/glouglou_localsniff.sh b/gg_map/glouglou_localsniff.sh new file mode 100755 index 0000000..75d9cdd --- /dev/null +++ b/gg_map/glouglou_localsniff.sh @@ -0,0 +1,23 @@ +#!/bin/sh + +# Wrapper script to visualize network activity on local machine + +PATH="./:$PATH" # for pkg + +glougloud=`which glougloud` +gg_sniff=`which gg_sniff` +gg_map=`which gg_map` +iface=${1-"eth0"} + +if [ -z "$glougloud" -o -z "$gg_sniff" -o -z "$gg_map" ]; then + echo "instalation incomplete (glougloud, gg_sniff, gg_map)" + exit 1 +fi + +tmux start \;\ + new-session -d -s glouglou \;\ + neww -n "glougloud" "sudo $glougloud -v; bash" \;\ + neww -n "gg_sniff" "sudo $gg_sniff -v -i $iface" \;\ + neww -n "gg_map" "gg_map" \;\ + attach-session -t glouglou + diff --git a/gg_sniff/localviz.sh b/gg_sniff/localviz.sh deleted file mode 100755 index 75d9cdd..0000000 --- a/gg_sniff/localviz.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/sh - -# Wrapper script to visualize network activity on local machine - -PATH="./:$PATH" # for pkg - -glougloud=`which glougloud` -gg_sniff=`which gg_sniff` -gg_map=`which gg_map` -iface=${1-"eth0"} - -if [ -z "$glougloud" -o -z "$gg_sniff" -o -z "$gg_map" ]; then - echo "instalation incomplete (glougloud, gg_sniff, gg_map)" - exit 1 -fi - -tmux start \;\ - new-session -d -s glouglou \;\ - neww -n "glougloud" "sudo $glougloud -v; bash" \;\ - neww -n "gg_sniff" "sudo $gg_sniff -v -i $iface" \;\ - neww -n "gg_map" "gg_map" \;\ - attach-session -t glouglou - -- cgit v1.2.3-59-g8ed1b From b2e93d01486bd0c5a62fcc934163a6525678e9fd Mon Sep 17 00:00:00 2001 From: Laurent Ghigonis Date: Wed, 5 Jun 2013 09:10:21 +0200 Subject: gg_map: install glouglou_localsniff.sh on make install --- gg_map/Makefile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/gg_map/Makefile b/gg_map/Makefile index 17040af..2722e39 100644 --- a/gg_map/Makefile +++ b/gg_map/Makefile 
@@ -4,6 +4,7 @@ LIBS += $(shell pkg-config --libs elementary evas ecore) -levent -lglouglou -leg CFLAGS += -Wall -g BINARY=gg_map +WRAPPER=glouglou_localsniff.sh PREFIX=/usr/local BINDIR=$(PREFIX)/bin @@ -15,6 +16,7 @@ install: $(BINARY) @echo "installation of $(BINARY)" mkdir -p $(BINDIR) install -m 0755 $(BINARY) $(BINDIR) + install -m 0755 $(WRAPPER) $(BINDIR) clean: rm -f $(BINARY) $(BINARY).o -- cgit v1.2.3-59-g8ed1b From 1bb41863b19ee48312ec7bcf6f9e2f05b9fd0719 Mon Sep 17 00:00:00 2001 From: Laurent Ghigonis Date: Wed, 5 Jun 2013 09:18:23 +0200 Subject: update make pkg --- Makefile | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index d6257ba..3bd53ce 100644 --- a/Makefile +++ b/Makefile @@ -14,11 +14,14 @@ install: -for d in $(DIRS); do (cd $$d; make install); done pkg: - mkdir pkg + rm -rf pkg + mkdir -p pkg cp libglouglou/libglouglou.so \ glougloud/glougloud \ - gg_sniff/gg_sniff gg_sniff/localviz.sh \ + gg_sniff/gg_sniff \ gg_trackproc/gg_trackproc \ - gg_map/gg_map \ + gg_map/gg_map gg_map/glouglou_localsniff.sh \ pkg - tar -czf pkg.tgz pkg + tar -czf glouglou_pkg_`date +%Y%m%d_%H%M`.tgz pkg + +.PHONY: pkg -- cgit v1.2.3-59-g8ed1b From f9f47a5955e17dd4e6f6f42261895825a7a5783d Mon Sep 17 00:00:00 2001 From: Laurent Ghigonis Date: Wed, 5 Jun 2013 09:19:41 +0200 Subject: naming --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 3bd53ce..3cfd829 100644 --- a/Makefile +++ b/Makefile @@ -1,8 +1,8 @@ LIB = libglouglou DAEMON = glougloud PROBES = gg_sniff gg_trackproc -CLI = gg_map -DIRS = $(LIB) $(DAEMON) $(PROBES) $(CLI) +ANALYSERS = gg_map +DIRS = $(LIB) $(DAEMON) $(PROBES) $(ANALYSERS) all: -for d in $(DIRS); do (cd $$d; make); done -- cgit v1.2.3-59-g8ed1b From caf76b946fb43242b0078039aa8678686d47e959 Mon Sep 17 00:00:00 2001 
From: Laurent Ghigonis Date: Wed, 5 Jun 2013 09:34:16 +0200 Subject: pkg naming --- Makefile | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index 3cfd829..b0be2a8 100644 --- a/Makefile +++ b/Makefile @@ -14,14 +14,15 @@ install: -for d in $(DIRS); do (cd $$d; make install); done pkg: - rm -rf pkg - mkdir -p pkg + $(eval _pkgname := "glouglou_pkg_$(shell date +%Y%m%d_%H%M)") + mkdir -p $(_pkgname) cp libglouglou/libglouglou.so \ glougloud/glougloud \ gg_sniff/gg_sniff \ gg_trackproc/gg_trackproc \ gg_map/gg_map gg_map/glouglou_localsniff.sh \ - pkg - tar -czf glouglou_pkg_`date +%Y%m%d_%H%M`.tgz pkg + $(_pkgname) + tar -czf $(_pkgname).tgz $(_pkgname) + @echo -e "\nCreated $(_pkgname) and $(_pkgname).tgz" .PHONY: pkg -- cgit v1.2.3-59-g8ed1b From e8aafc41de3dad296ad85a1555ac596c5c9623e7 Mon Sep 17 00:00:00 2001 From: Laurent Ghigonis Date: Wed, 5 Jun 2013 12:15:37 +0200 Subject: gg_map: printf respect loglevel --- gg_map/gg_map.c | 57 ++++++++++++++++++++++++++++++++------------------------- 1 file changed, 32 insertions(+), 25 deletions(-) diff --git a/gg_map/gg_map.c b/gg_map/gg_map.c index 9809977..48c68f0 100644 --- a/gg_map/gg_map.c +++ b/gg_map/gg_map.c @@ -6,7 +6,7 @@ #include #include -int _debug = 0; +int _loglevel = 0; Evas_Object *_mainwin; Evas_Object *_egraph = NULL; @@ -130,7 +130,7 @@ _conn_add(u_int id, u_int src, u_int dst, u_int proto, u_int8_t pktsize) int size, response; GG_PKTDATA_SIZE_DECODE(pktsize, size, response); - if (_debug) + if (_loglevel >= 2) printf("_conn_add\n"); if (response > 0) /* cannot have a new connection that is a response */ return; @@ -144,7 +144,7 @@ _conn_add(u_int id, u_int src, u_int dst, u_int proto, u_int8_t pktsize) va = _node_to_vertice(a); vb = _node_to_vertice(b); e = egraph_edge_find(_egraph, va, vb); - if (_debug) + if (_loglevel >= 2) printf("_conn_add: a %d b %d e %x id %d\n", va->id, vb->id, e, id); if (!e) { if (a->group && a->group->conn_count == 1) 
@@ -152,7 +152,7 @@ _conn_add(u_int id, u_int src, u_int dst, u_int proto, u_int8_t pktsize) if (b->group && b->group->conn_count == 1) _node_detach_parentgroup(b); e = egraph_edge_add(_egraph, va, vb, conn); - if (_debug) + if (_loglevel >= 2) printf("_conn_add: egraph edge added %x\n", e); } ggnet_conn_usrdata_set(conn, e); @@ -169,7 +169,7 @@ _conn_del(int id) { a = ggnet_conn_src_get(conn); b = ggnet_conn_dst_get(conn); e = ggnet_conn_usrdata_get(conn); - if (_debug) + if (_loglevel >= 2) printf("_conn_del: conn id %d\n", id); // XXX ggnet_conn_del(_ggnet, conn); /* is there other connections between these peers ? */ @@ -177,7 +177,7 @@ _conn_del(int id) { if (!otherconn) { // XXX lets keep the edges, igraph layouting behaves badly when you have // a vertice without edge ... - if (_debug) + if (_loglevel >= 2) printf("_conn_del: edge del %x\n", e); // XXX egraph_edge_del(_egraph, e); if (a->group && a->group->conn_count == 0) @@ -185,11 +185,11 @@ _conn_del(int id) { if (b->group && b->group->conn_count == 0) _node_attach_parentgroup(b); } else { - if (_debug) + if (_loglevel >= 2) printf("_conn_del: not last one, edge %x *not* deleted\n", e); } } else { - if (_debug) + if (_loglevel >= 2) printf("_conn_del: does not exist !\n"); } } 
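Review bot: The debug messages kept under the new `_loglevel >= 2` checks print `e` with `%x`, although `e` holds the result of `egraph_edge_find`/`egraph_edge_add` and is tested with `!e`, so it appears to be a pointer. That is a format/argument mismatch and truncates the value on 64-bit targets. Use `%p` with a cast, e.g. `printf("_conn_add: egraph edge added %p\n", (void *)e);`; the same applies to the `_conn_add: a %d b %d e %x` line in the previous hunk and to both `%x` messages in `_conn_del`. These functions start and end outside the hunks.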
@@ -235,12 +235,14 @@ _cb_packet(struct gg_client *cli, struct gg_packet *pkt) { switch(pkt->type) { case PACKET_NEWCONN: - printf(" type PACKET_NEWCONN\n"); - printf(" newconn_id %d\n", pkt->newconn_id); - printf(" newconn_src %4x\n", pkt->newconn_src); - printf(" newconn_dst %4x\n", pkt->newconn_dst); - printf(" newconn_proto %d\n", pkt->newconn_proto); - printf(" newconn_size %d\n", pkt->newconn_size); + if (_loglevel >= 1) { + printf(" type PACKET_NEWCONN\n"); + printf(" newconn_id %d\n", pkt->newconn_id); + printf(" newconn_src %4x\n", pkt->newconn_src); + printf(" newconn_dst %4x\n", pkt->newconn_dst); + printf(" newconn_proto %d\n", pkt->newconn_proto); + printf(" newconn_size %d\n", pkt->newconn_size); + } _conn_del(pkt->newconn_id); /* in case we missed a previous del */ _conn_add(pkt->newconn_id, pkt->newconn_src, pkt->newconn_dst, 
@@ -248,25 +250,31 @@ _cb_packet(struct gg_client *cli, struct gg_packet *pkt) break; case PACKET_DELCONN: - printf(" type PACKET_DELCONN\n"); - printf(" delconn_id %d\n", pkt->delconn_id); + if (_loglevel >= 1) { + printf(" type PACKET_DELCONN\n"); + printf(" delconn_id %d\n", pkt->delconn_id); + } _conn_del(pkt->delconn_id); break; case PACKET_DATA: - //printf(" type PACKET_DATA\n"); - //printf(" data_connid %d\n", pkt->data_connid); - //printf(" data_size %d\n", pkt->data_size); + if (_loglevel >= 1) { + //printf(" type PACKET_DATA\n"); + //printf(" data_connid %d\n", pkt->data_connid); + //printf(" data_size %d\n", pkt->data_size); + } _conn_data(pkt->data_connid, pkt->data_size); break; case PACKET_NAME: - printf(" type PACKET_NAME\n"); - printf(" name_addr %4x\n", pkt->name_addr); - printf(" name_len %d\n", pkt->name_len); - printf(" name_name_fqdn %s\n", pkt->name_fqdn); + if (_loglevel >= 1) { + printf(" type PACKET_NAME\n"); + printf(" name_addr %4x\n", pkt->name_addr); + printf(" name_len %d\n", pkt->name_len); + printf(" name_name_fqdn %s\n", pkt->name_fqdn); + } _conn_name(pkt->name_addr, pkt->name_len, pkt->name_fqdn); break; @@ -349,7 +357,6 @@ elm_main(int argc, char **argv) char gg_serv_ip[30] = "127.0.0.1"; int gg_serv_port = GLOUGLOU_ANALY_DEFAULT_PORT; int retval = -1; - int loglevel = 0; int op; while ((op = getopt(argc, argv, "hv")) != -1) { @@ -358,7 +365,7 @@ elm_main(int argc, char **argv) usage(); /* NOTREACHED */ case 'v': - loglevel++; + _loglevel++; break; default: usage(); -- cgit v1.2.3-59-g8ed1b From 37eecf9c304a40b92df497fd016795fdfc236cff Mon Sep 17 00:00:00 2001 From: Laurent Ghigonis Date: Wed, 5 Jun 2013 12:30:57 +0200 Subject: glougloud: fix usage() --- glougloud/glougloud.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/glougloud/glougloud.c b/glougloud/glougloud.c index d6ca4b1..e868e29 100644 --- a/glougloud/glougloud.c +++ b/glougloud/glougloud.c 
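Review bot: In the `PACKET_NAME` branch, `pkt->name_fqdn` is printed with a plain `%s` even though the packet carries its own `name_len`; unless the decoder guarantees a terminating NUL (not visible on this page), printf can read past the field for a name received from the network. Bounding the output by the declared length avoids relying on that, e.g. `printf(" name_name_fqdn %.*s\n", (int)pkt->name_len, pkt->name_fqdn);`. The `PACKET_DATA` branch now has an `if (_loglevel >= 1)` block that contains only commented-out printf calls and could be dropped. `_cb_packet` starts and ends outside the hunks.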
@@ -37,7 +37,8 @@ usage(void) { extern char *__progname; - fprintf(stderr, "usage: %s [-hlLpPv]\n", __progname); + fprintf(stderr, "usage: %s [-hv] [-l probes_ip] [-L analysers_ip]\n" + "\t\t[-p probes_port] [-P analysers_port]\n", __progname); exit(1); } -- cgit v1.2.3-59-g8ed1b From 4cd625522bb0a3d2347e01536518a181c04f19dd Mon Sep 17 00:00:00 2001 From: Laurent Ghigonis Date: Wed, 5 Jun 2013 12:43:04 +0200 Subject: gg_sniff: update README to match reality and talk about filters --- gg_sniff/README.txt | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/gg_sniff/README.txt b/gg_sniff/README.txt index 8d71005..628e703 100644 --- a/gg_sniff/README.txt +++ b/gg_sniff/README.txt @@ -1,7 +1,5 @@ gg_sniff - glouglou probe client for network activity -WARNING: Work in progress, don't expect this to work ! - Requirements ============ @@ -13,14 +11,28 @@ Requirements Installation ============ -git clone git@meg:glouglou -cd gg_sniff make && sudo make install Usage ===== -gg_sniff -i eth0 +sudo gg_sniff + +sudo gg_sniff -i eth0 + +sudo gg_sniff -i eth0 10.137.2.9 + +sudo gg_sniff -f "net 10.137.1.0/24 and not port 4430 and not port 4431 and not port 53" 10.137.2.9 + +(10.137.2.9 is where glougloud is) + +Notes on capture +================ + +By default gg_sniff captures on any interfaces (works on Linux only). +By default the capture filter is "not port 4430 and not port 4431 and not port 53". +You can change it via -f, but dont forget to keep filtering out port 4430 and +port 4431 because those are the ports used by glouglou itself ! Notes on architecture and security ================================== -- cgit v1.2.3-59-g8ed1b From 96dca2aca065b1e60be88d2b7c553f7769df4e5e Mon Sep 17 00:00:00 2001 From: Laurent Ghigonis Date: Wed, 5 Jun 2013 13:05:52 +0200 Subject: gg_sniff: add -f --- gg_sniff/gg_sniff.c | 14 +++++++++----- gg_sniff/gg_sniff.h | 2 +- gg_sniff/pcap.c | 8 +++++--- 3 files changed, 15 insertions(+), 9 deletions(-) 
diff --git a/gg_sniff/gg_sniff.c b/gg_sniff/gg_sniff.c index cd2d2c5..8ee6de1 100644 --- a/gg_sniff/gg_sniff.c +++ b/gg_sniff/gg_sniff.c @@ -39,7 +39,7 @@ usage(void) { extern char *__progname; - fprintf(stderr, "usage: %s [-hv] [-i interface] [ip [port]]\n", __progname); + fprintf(stderr, "usage: %s [-hv] [-f filter] [-i interface] [ip [port]]\n", __progname); exit(1); } @@ -60,6 +60,7 @@ main(int argc, char **argv) struct event *ev_sigint, *ev_sigterm, *ev_sigchld, *ev_sighup; char ggserv_ip[30] = "127.0.0.1"; char *iface = NULL; + char *filter = NULL; int ggserv_port = GLOUGLOU_PROBE_DEFAULT_PORT; int pcap_init = 0; int loglevel = 0; @@ -70,11 +71,14 @@ main(int argc, char **argv) if (geteuid() != 0) errx(1, "must be root"); - while ((op = getopt(argc, argv, "ahi:v")) != -1) { + while ((op = getopt(argc, argv, "af:hi:v")) != -1) { switch (op) { case 'a': active = 1; break; + case 'f': + filter = strndup(optarg, 256); + break; case 'h': usage(); /* NOTREACHED */ @@ -90,8 +94,8 @@ main(int argc, char **argv) } } switch (argc - optind) { - case 2: ggserv_port = atoi(argv[3]); - case 1: strncpy(ggserv_ip, argv[2], sizeof(ggserv_ip)); + case 2: ggserv_port = atoi(argv[optind+1]); + case 1: strncpy(ggserv_ip, argv[optind], sizeof(ggserv_ip)); case 0: break; default: @@ -110,7 +114,7 @@ main(int argc, char **argv) ggcli = gg_client_connect(_ev_base, ggserv_ip, ggserv_port, NULL, NULL, NULL); if (!ggcli) goto quit; - pcap_init = ggsniff_pcap_init(_ev_base, ggcli, net, iface, active); + pcap_init = ggsniff_pcap_init(_ev_base, ggcli, net, iface, active, filter); if (!pcap_init) goto quit; diff --git a/gg_sniff/gg_sniff.h b/gg_sniff/gg_sniff.h index f848c88..5cbd1fd 100644 --- a/gg_sniff/gg_sniff.h +++ b/gg_sniff/gg_sniff.h @@ -1,5 +1,5 @@ /* pcap.c */ int ggsniff_pcap_init(struct event_base *, struct gg_client *, - struct ggnet *, char *, int); + struct ggnet *, char *, int, char *); void ggsniff_pcap_shutdown(void); 
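Review bot: In the new `-f` case, `strndup(optarg, 256)` silently cuts a longer filter at 256 bytes and its result is not checked for NULL. A truncated BPF expression can still compile and match more traffic than the user wrote, for instance by losing a trailing `and not port 4431` clause that the README says must be kept. Since `optarg` points into `argv` and stays valid, the copy can be replaced by `if (strlen(optarg) >= 256) errx(1, "filter too long");` followed by `filter = optarg;`. The `strncpy(ggserv_ip, argv[optind], sizeof(ggserv_ip))` line in the positional-argument hunk still leaves the buffer unterminated for a 30-character or longer argument.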
diff --git a/gg_sniff/pcap.c b/gg_sniff/pcap.c index 72b9133..ac27b33 100644 --- a/gg_sniff/pcap.c +++ b/gg_sniff/pcap.c @@ -98,7 +98,7 @@ static struct _cap_t _cap; int ggsniff_pcap_init(struct event_base *ev_base, struct gg_client *ggcli, - struct ggnet *net, char *iface, int active) + struct ggnet *net, char *iface, int active, char *filter) { char errbuf[PCAP_ERRBUF_SIZE]; struct bpf_program bprog; @@ -114,9 +114,11 @@ ggsniff_pcap_init(struct event_base *ev_base, struct gg_client *ggcli, err(1, "capture: pcap_open_live failed on interface %s\n" "with snaplen %d : %s", iface, PCAP_SNAPLEN, errbuf); - if (pcap_compile(pcap, &bprog, PCAP_FILTER, 0, 0) < 0) + if (!filter) + filter = strndup(PCAP_FILTER, 256); + if (pcap_compile(pcap, &bprog, filter, 0, 0) < 0) err(1, "capture: pcap_compile failed with filter %s : %s", - PCAP_FILTER, pcap_geterr(pcap)); + filter, pcap_geterr(pcap)); if (pcap_setfilter(pcap, &bprog) < 0) err(1, "capture: pcap_setfilter failed : %s", pcap_geterr(pcap)); -- cgit v1.2.3-59-g8ed1b From f5864cd5bd3d32f08afc85d0a1ac683d30c032f8 Mon Sep 17 00:00:00 2001 From: Laurent Ghigonis Date: Wed, 5 Jun 2013 13:49:58 +0200 Subject: gg_map: mention 'efx' is needed --- gg_map/README.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/gg_map/README.txt b/gg_map/README.txt index 5b5146e..2984280 100644 --- a/gg_map/README.txt +++ b/gg_map/README.txt @@ -12,6 +12,7 @@ WARNING: Work in progress, don't expect this to work ! http://www.enlightenment.org * evas * elementary + * efx (git clone git://git.enlightenment.org/devs/discomfitor/efx.git) TODO ==== -- cgit v1.2.3-59-g8ed1b From bd8006328b50a1fe636712120041f13a3a343703 Mon Sep 17 00:00:00 2001 From: Laurent Ghigonis Date: Wed, 5 Jun 2013 13:52:06 +0200 Subject: gg_map: indicate git clone command for dependencies --- gg_map/README.txt | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/gg_map/README.txt b/gg_map/README.txt index 2984280..2fb7960 100644 --- a/gg_map/README.txt 
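Review bot: `filter = strndup(PCAP_FILTER, 256)` in `ggsniff_pcap_init` is not checked, so on allocation failure `filter` stays NULL and is passed both to `pcap_compile` and to the `%s` in the `err` message. As far as the hunk shows the pointer is only read, so the copy is not needed: `if (!filter) filter = PCAP_FILTER;` (assuming `PCAP_FILTER` is a string-literal macro, which the old `pcap_compile` call suggests). `err` also appends `strerror(errno)`, which is unrelated to a filter syntax error; `errx` would print only the libpcap message. The function continues outside the hunk.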
+++ b/gg_map/README.txt @@ -6,13 +6,11 @@ WARNING: Work in progress, don't expect this to work ! * libglouglou -* egraph - -* Enlightenment Foundation Libraries -http://www.enlightenment.org - * evas - * elementary +* Enlightenment Foundation Libraries - http://www.enlightenment.org + * efl (git clone git://git.enlightenment.org/core/efl.git) + * elementary (git clone git://git.enlightenment.org/core/elementary.git) * efx (git clone git://git.enlightenment.org/devs/discomfitor/efx.git) + * egraph (git clone git://git.enlightenment.org/devs/kiwi/egraph.git) TODO ==== -- cgit v1.2.3-59-g8ed1b From 28e0d819faa3e9684074279ee0df7a2ea92280d8 Mon Sep 17 00:00:00 2001 From: Laurent Ghigonis Date: Wed, 5 Jun 2013 14:00:45 +0200 Subject: gg_map: update example --- gg_sniff/README.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gg_sniff/README.txt b/gg_sniff/README.txt index 628e703..095384c 100644 --- a/gg_sniff/README.txt +++ b/gg_sniff/README.txt @@ -22,7 +22,7 @@ sudo gg_sniff -i eth0 sudo gg_sniff -i eth0 10.137.2.9 -sudo gg_sniff -f "net 10.137.1.0/24 and not port 4430 and not port 4431 and not port 53" 10.137.2.9 +sudo gg_sniff -v -f "not port 4430 and not port 4431 and net 10.137.2.0/24" 10.137.2.9 (10.137.2.9 is where glougloud is) -- cgit v1.2.3-59-g8ed1b From d581733f19f0ddd7a0229cf7c19cbcad45352c8c Mon Sep 17 00:00:00 2001 From: Laurent Ghigonis Date: Wed, 5 Jun 2013 14:06:47 +0200 Subject: gg_sniff: be less verbose --- gg_sniff/pcap.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/gg_sniff/pcap.c b/gg_sniff/pcap.c index ac27b33..6ec710b 100644 --- a/gg_sniff/pcap.c +++ b/gg_sniff/pcap.c @@ -283,7 +283,7 @@ my_pcap_open_live(const char *dev, int slen, int promisc, int to_ms, static void cb_pcap(int fd, short why, void *data) { - gg_log_tmp("cb_pcap"); + //gg_log_tmp("cb_pcap"); pcap_dispatch(_cap.pcap, PCAP_COUNT, _cap.handler, NULL); /* reschedule */ 
@@ -473,7 +473,7 @@ ip_handle(struct ip *ip, const u_char *pend, u_int wirelen) * if this isn't the first frag, we're missing the * next level protocol header. */ - gg_log_tmp("user: got a fragmented ip packet !"); + gg_log_debug("user: got a fragmented ip packet !"); } pkt.ver = PACKET_VERSION; @@ -528,16 +528,16 @@ ether_handle(struct ether_header *ether, const u_char *pend, u_int wirelen) ether_type = ntohs(ether->ether_type); if (ether_type <= ETHERMTU) - gg_log_tmp("llc packet !"); + gg_log_debug("llc packet !"); else { switch (ether_type) { case ETHERTYPE_IP: - gg_log_tmp("loop family AF_LINK IP"); + gg_log_debug("loop family AF_LINK IP"); ip = (struct ip *)((u_char *)ether + sizeof(struct ether_header)); ip_handle(ip, pend, wirelen); break; default: - gg_log_tmp("loop non ip packet !"); + gg_log_debug("loop non ip packet !"); break; } } @@ -611,7 +611,7 @@ phandler_sll(u_char *user, const struct pcap_pkthdr *h, const u_char *p) ep = (struct ether_header *)((u_char *)p + SLL_HDR_LEN); ether_handle(ep, pend, len); default: - gg_log_tmp("unknown family %x !", family); + gg_log_debug("unknown family %x !", family); break; } } else { @@ -648,7 +648,7 @@ phandler_loop(u_char *user, const struct pcap_pkthdr *h, const u_char *p) family = ntohl(family); switch (family) { case AF_INET: - gg_log_tmp("loop family AF_INET"); + gg_log_debug("loop family AF_INET"); ip = (struct ip *)(p + NULL_HDRLEN); ip_handle(ip, pend, len); break; @@ -657,7 +657,7 @@ phandler_loop(u_char *user, const struct pcap_pkthdr *h, const u_char *p) ether_handle(ep, pend, len); break; default: - gg_log_tmp("unknown family %x !", family); + gg_log_debug("unknown family %x !", family); break; } } -- cgit v1.2.3-59-g8ed1b From 90c1d18c30c536bc6e8137802d97ff1a39121870 Mon Sep 17 00:00:00 2001 From: Laurent Ghigonis Date: Wed, 5 Jun 2013 15:21:00 +0200 Subject: gg_map: fix dependencies description --- gg_map/README.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
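Review bot: In the `phandler_sll` hunk, the case that calls `ether_handle(ep, pend, len);` has no `break` before `default:`, so every frame handled there also falls through and logs "unknown family". The matching case in `phandler_loop` does end with `break;`, which suggests the fall-through is unintended. Add `break;` after the `ether_handle` call; the case label and the rest of the switch are outside the hunk.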
diff --git a/gg_map/README.txt b/gg_map/README.txt index 2fb7960..4a92b49 100644 --- a/gg_map/README.txt +++ b/gg_map/README.txt @@ -6,11 +6,11 @@ WARNING: Work in progress, don't expect this to work ! * libglouglou +* egraph (git clone git://git.enlightenment.org/devs/kiwi/egraph.git) + * Enlightenment Foundation Libraries - http://www.enlightenment.org * efl (git clone git://git.enlightenment.org/core/efl.git) * elementary (git clone git://git.enlightenment.org/core/elementary.git) - * efx (git clone git://git.enlightenment.org/devs/discomfitor/efx.git) - * egraph (git clone git://git.enlightenment.org/devs/kiwi/egraph.git) TODO ==== -- cgit v1.2.3-59-g8ed1b