CERT/CC
background
background
CERT NetSA Security Suite 
Open Source Tools for Network Monitoring 
News | Documentation | Downloads
YAF 0.8.1 | NAF 0.6.0 | SiLK 1.0.1 | RAVE 1.9.9
fixbuf 0.7.3 | ipa 0.2.1 | airdbc 0.2.2 | airframe 0.7.2 | Portal 0.8.0
Airframe - Documentation
Documentation | Downloads

Manuals

The tools are documented by their man pages; see airdaemon(1), and filedaemon(1) for details.

API

For information on using the airframe library, refer to the libairframe Doxygen documentation

Building

Airframe requires glib 2.6.4 or later (2.8.x is OK). Build and install glib before building Airframe. Note that glib is also included in many operating environments or ports collections.

Airframe uses a reasonably standard autotools-based build system. The customary build procedure (./configure && make && make install) should work in most environments.

Packet capture sources require libpcap; airframe's ./configure script should find libpcap automatically. If not, you may need to supply the path to pcap's headers and libraries in CFLAGS and LDFLAGS on the ./configure command line, respectively. Note that YAF and NAF 0.7.0 or later do _not_ use airframe as a packet capture source. MIO UDP and TCP sources and sinks support IPv6 on dual-stack machines out of the box; this support is only enabled if the configure script can find the getaddrinfo(3) function.

MIO UDP and TCP sources and sinks support IPv6 on dual-stack machines out of the box; this support is only enabled if the configure script can find the getaddrinfo(3) function.

Known Issues

In general, Airframe is beta quality software. Not every reasonable combination of input and configuration has been tested. Be aware of this before using Airframe in production environments.

YAF | NAF | SiLK | RAVE | fixbuf | ipa | airdbc | airframe | Portal
Airframe is part of the NetSA Security Suite, developed by the CERT NetSA group
at the Software Engineering Institute at Carnegie Mellon University.

© 2008 Carnegie Mellon University