Astaro Flow Classifier README
------------------------------------------------------------------------



ABOUT
:::::::


The Astaro Flow Classifier daemon, afcd, allows network traffic to be
analyzed by a third-party classification engine in userland. It is designed
to detect traffic of ``recreational'' protocols used for instant messaging
and peer-to-peer file sharing.

Network packets are sent to afcd via the Linux kernel's NFQUEUE mechanism.
The afcd program subscribes to a configured queue, and for each classified
(and detected as part of a certain protocol) packet, a configurable Netfilter
MARK value is set. The system packet filter can then act upon those marked
packets, such as blocking them or performing QoS.



PREREQUISITES
:::::::::::::::

- libpcap (any somewhat recent version)
  http://www.tcpdump.org/
- libevent 1.x (patched 1.3e recommended)
  http://www.monkey.org/~provos/libevent/
- libnfnetlink
  http://www.netfilter.org/projects/libnfnetlink
- libnetfilter_conntrack
  http://www.netfilter.org/projects/libnetfilter_conntrack/
- libnetfilter_queue
  http://www.netfilter.org/projects/libnetfilter_queue/
- glib 2
  http://www.gtk.org/

INSTALLATION
::::::::::::::


Afcd uses the GNU auto-tools to configure, build and install on UNIX-flavored
systems. The compilation and installation process boils down to the usual

    $ ./configure --help | less         # Skim over the available
                                        # options.
    $ ./configure [options] && make && [sudo] make install
                                        # Configure, build and install
                                        # [as root] the software.

If this procedure is unfamiliar to you, please consult the INSTALL file
for more detailed instructions.



USAGE
:::::::


Afcd comes with manuals. After the installation, ready afcd(8) and
afc-plugin(3) to get started.

