-
Notifications
You must be signed in to change notification settings - Fork 1
/
TODO
30 lines (21 loc) · 1.16 KB
/
TODO
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
IXP Watch Documentation - Robert Lister <[email protected]>
TODO LIST
=========
* Maybe some realtime support for reading tshark output from stdin so
that immediate alerts could be sent as soon as bad traffic is seen
rather than waiting until the end of the session to report if found in
the sample.
* More in-depth analysis of frames to help with debugging, for example,
there are occasions where it would be useful not only to e-mail me
about the frame, but to e-mail me a decode of the actual frame, to
save having to dig it out of the sample file.
- Haven't found a practical way to do this yet. When do we 'give up'
trying to extract packets?
- Probably write some sort of "dumpframe..." wrapper around tshark
that dumps a specifc frame matching an IP address or MAC address/frame no.
* Better handling of random jitter/garbage frames.
* Delete the alarm and active state files on an age basis.
* Graphing support/output to mrtg, rrd or gnuplot script for historical
graph view of number of ARPS/dead BGP sessions.
- Implemented in 1.7: output of metrics to a stats file.
- Implemented in 1.9: Basic HTML report and RRD graph support.