this is release v1.2 of iplog -- tcp, udp, and icmp logging utilities for Linux.

*	a few things were changed since v1.1.  for the most part, it's just
	handling of various errors and fixing of some defines, but they make
	it work without any trouble...


I know this is about the fourth "ip logging" type of program to come up recently
but i looked at the other ones, and this is what i've had sitting on my hd for
over a month or two.. soo..

Make sure you edit config.h!
		
tcplog	it was originally a hack of Mike Edulla's iplogger, but it hardly
		resembles it now.  it has a lot more features..  edit config.h for more
		adjustability.  this tcplog also detects several forms of port-scanning
		methods that would be stealthy but *can* be detected.

		it performs remote identd lookups but, as this iplog always has, does
		not attempt to fetch the username if the port is not listening, since
		that lookup will always return NO-USER.

		this version uses dns caching to make life easier on a slow connection
		or with a dumbshit nameserver.  these caches expire after 30 minutes of
		use.


udplog	at the time this was originally concocted, no other udplogs were around
 		(bleh) but now there are, and i think they suck.  the biggest problem
		i saw was that they ignored everything from src port 53.. this udplog
		reads the valid nameservers from /etc/resolv.conf and ignores datagrams
		from src port 53 of these addresses.  the name_resolve() function is
		from route's libnet.  it also will log uses of traceroute(1) if
		their sport/dport are in range.  (ftp.ee.lbl.gov/traceroute.tar.Z)

icmplog	this is much more informative than most of the icmplogs i've seen, but
		i don't want to go into writing anything more into it.  if you need to
		know what every damn icmp packet coming to your ip means, you should 
		just type 'tcpdump -vv icmp'. (ftp.ee.lbl.gov/tcpdump.tar.Z)
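
added example, not code from iplog: the udplog rule described above, where a datagram from src port 53 is ignored only if its source address is a nameserver listed in resolv.conf. the function names and the sample resolv.conf text are made up for the example, and it handles IPv4 only.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* constructed sample input, standing in for /etc/resolv.conf */
static const char SAMPLE_CONF[] =
    "# nameserver 203.0.113.9\n"
    "nameserver 192.0.2.53\n"
    "nameserver\t198.51.100.7\n";

/* collect IPv4 "nameserver" entries from resolv.conf-style text */
static int load_nameservers(const char *text, struct in_addr *ns, int max)
{
    char line[256], addr[64];
    int n = 0;
    while (*text && n < max) {
        size_t len = strcspn(text, "\n");
        snprintf(line, sizeof(line), "%.*s", (int)len, text);
        text += len + (text[len] == '\n');
        /* keyword must start the line, so "# nameserver ..." is skipped */
        if (strncmp(line, "nameserver", 10) == 0 &&
            (line[10] == ' ' || line[10] == '\t') &&
            sscanf(line + 10, "%63s", addr) == 1 &&
            inet_pton(AF_INET, addr, &ns[n]) == 1)
            n++;
    }
    return n;
}

/* 1 = ignore (port-53 datagram from a listed nameserver), 0 = log it */
static int ignore_datagram(struct in_addr src, uint16_t sport,
                           const struct in_addr *ns, int n)
{
    if (sport != 53)
        return 0;
    for (int i = 0; i < n; i++)
        if (ns[i].s_addr == src.s_addr)
            return 1;
    return 0;   /* src port 53 from any other host still gets logged */
}

/* hypothetical helper: decision for one datagram against SAMPLE_CONF */
int demo_ignore(const char *src_ip, uint16_t sport)
{
    struct in_addr ns[8], src;
    int n = load_nameservers(SAMPLE_CONF, ns, 8);
    return inet_pton(AF_INET, src_ip, &src) == 1 && ignore_datagram(src, sport, ns, n);
}
```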


thanks to everyone who helped me fix the buggy shit in v1.1 and fix it for
various distributions.

thanks to Odin for lots of help and stuff.  make sure to get his excellent 
program, the OJNK ident daemon, at http://www.ojnk.nu/~odin/oidentd-1.6.0.tar.gz
Go forth and use it; do not be lame, lest the good name of OJNK be tarnished.

if you have actual problems (not how to compile it, etc) or have ideas for more
functionality, mail me at eric@ojnk.nu
