sniffy - pseudo terminal sniffer/loger The sniffy project allows to trace/log the data of any pseudo terminal in the system. Due to the way the terminal works, such a terminal trace provides complete information of what happened on the terminal screen and sniffy is able to display/replay this information. The sniffy project consist of - kernel module able to connect/hook on pseudo terminal - program able to display content of any pseudo terminal on fly - daemon process tracing the pseudo terminal content into the file - replay program allowing to replay any stored pseudo terminal session The usage of pseudo terminals in applications like ssh/telnet/X terminals, makes the sniffy project quite attractive. It could be obviously used for various purposes. One of the most sane usage could be ssh access session monitoring of some guarded server. Any action on such a server through the ssh is then documented and could be replayed. [sniffy sf page] [latest release] [olsajiri@gmail.com ] [homepage]
FEATURES [x] sniffer - adhoc watch input/output any selected pty - daemon to watch all/new pty - client to connect to daemon and display data of any currently traced pty [x] trace - store pty data to the file for both adhoc/daemon [x] replay - replay stored pty data [x] kernel - tested with 2.6.25.4 and higher DEPENDS [x] netlink library - [libnl] RELEASE NOTES [x] sniffy 0.1.1 (3/11/2008) x first one (from initial hack to release) TODO [-] sniffy 0.1.2 - bug fixies [-] sniffy 0.2 - traces - store traces according to the user name - trace working as circular buffers or have a size limit on the trace file, when crossing this limit, create a new file - compression, better design from space point of view - reprint the display on demand (like CTRL-L keypress in terminal) - better GUI - sort terminal display ('l' command) - docs - hook on mount/unmount devpts - automated tests - config file support - make replay code more inteligent (redesign)