Portwatch
--------------------------------
By Mark Kamichoff
kamicm@rpi.edu

Contents
--------------------------------

I. Introduction
II. Building and Installing
III. Known bugs

--------------------------------

I. Introduction

Portwatch is a very simple application.  It watches a specific TCP port
on a UNIX-based system.  I'm not going to explain much about ports or
IP addresses, because you probably should be familiar with most of that
if you're running this program.

When this program is run with a TCP port as the one argument, it will
simply display the connections to the screen, attempt to look up the
PTR name record, and display the time and date of the connection.
That's it!  Clean and simple.

Sample syntax is:

portwatch 8080

This will listen for connections to port 8080, a common HTTP-proxy
port.  So if you think people might be thinking you're a proxy server,
just run this and watch for connections.

If you want to redirect to a file, use:

portwatch 8080 1> output.log

Where output.log is the output file.  If you want to include errors
that might prevent the program from starting (why would you want to do
this anyway?) use 1> and 2> for stdout and stderr redirection.

You can also throw this program in the background like this:

portwatch 8080 1> output.log &

Just make sure to exit your shell gracefully; a SIGTERM or
equivalent signal will blow away all child processes of the shell.
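
The behaviour described above (accept a connection, attempt the PTR
lookup, print the time and date) can be sketched as follows.  This is an
added example, not portwatch's own source; format_conn and HOSTLEN are
names made up here, and it assumes IPv4 only and closes each connection
as soon as it is logged.

```c
#define _POSIX_C_SOURCE 200809L
#include <arpa/inet.h>
#include <netdb.h>
#include <netinet/in.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <time.h>
#include <unistd.h>
#define HOSTLEN 1025  /* room for the longest name getnameinfo() returns */

/* Build one log line: UTC time, numeric peer address, PTR name or "-". */
int format_conn(const struct sockaddr *sa, socklen_t salen, time_t when,
                char *out, size_t outlen)
{
    char ip[HOSTLEN], ptr[HOSTLEN], ts[32];
    if (getnameinfo(sa, salen, ip, sizeof ip, NULL, 0, NI_NUMERICHOST) != 0)
        return -1;
    /* NI_NAMEREQD: a missing PTR record is an error, not an echoed IP. */
    if (getnameinfo(sa, salen, ptr, sizeof ptr, NULL, 0, NI_NAMEREQD) != 0)
        strcpy(ptr, "-");
    strftime(ts, sizeof ts, "%Y-%m-%d %H:%M:%S", gmtime(&when));
    snprintf(out, outlen, "%s UTC %s %s", ts, ip, ptr);
    return 0;
}

int main(int argc, char **argv)
{
    if (argc != 2) { fprintf(stderr, "usage: %s port\n", argv[0]); return 1; }
    struct sockaddr_in addr = { .sin_family = AF_INET, /* sin_addr 0 = any */
        .sin_port = htons((unsigned short)atoi(argv[1])) };
    int on = 1, srv = socket(AF_INET, SOCK_STREAM, 0);
    if (srv < 0) { perror("socket"); return 1; }
    setsockopt(srv, SOL_SOCKET, SO_REUSEADDR, &on, sizeof on);
    if (bind(srv, (struct sockaddr *)&addr, sizeof addr) < 0 ||
        listen(srv, 16) < 0) { perror("bind/listen"); return 1; }
    for (;;) {
        struct sockaddr_storage peer;
        socklen_t plen = sizeof peer;
        char line[2 * HOSTLEN + 64];
        int c = accept(srv, (struct sockaddr *)&peer, &plen);
        if (c < 0) continue;
        close(c);  /* the peer is only logged; nothing is read or sent */
        if (format_conn((struct sockaddr *)&peer, plen, time(NULL),
                        line, sizeof line) == 0)
            puts(line);
        fflush(stdout);  /* keep a redirected log file current */
    }
}
```

The PTR name is set by whoever controls the reverse zone for the
connecting address, so treat that field of the log as untrusted input.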

II. Building and Installing

To build portwatch, just use the GNU make tool:

make

If you want to install it, you can do:

make install

This will copy the binary (no docs yet, heh) to /usr/local/sbin.  If
you want to modify the destination directory, edit the Makefile.  It's
pretty simple.

III. Known bugs

There are many.  First of all, I've been developing this on vacation
and don't have a stable net connection nor many systems to test it on.
As of now, I only know for sure that this compiles and runs fine on
Linux 2.4 systems.  I know for a fact that Sun Solaris might have
trouble finding the socket libraries by default; there's a gcc option
available, but I'm not sure of it yet.  I guess this can be considered
a bug.

I have a ChangeLog and TODO file included with the distribution; you
might want to look at those...
