Here are some questions about LaBrea that come up frequently on the mailing list.
The short answer is no.
Labrea still uses WinPcap 2.3. And I finally noticed in the fine print that WinPcap doesn't seem to support XP... (which explains why so many people were writing about problems with XP -( ).
Upgrading WinPcap support could also involve libdnet changes so is non-trivial. (But it sure would make a great project for someone who wants to dive into those bits and get down and dirty!).
I realize how important XP has become so this is definitely on my todo list.
There's a great Perl package that runs off the Labrea log file to show what's happening.
In my infinite wisdom, I decided to update the statistics to show bandwidth calculations in Kilobytes instead of bits. After all, pipes are bigger and bigger these days.
However Michael (the LaBrea::Tarpit author) pointed out that the maximum bandwidth on high-volume labrea sites is maybe 30 Kb/sec since a thread averages 1-2 bytes/sec. The result is that the bandwidth is mostly always zero with the new stats.
To fix this, I am going to update the code to allow people to choose which bandwidth calculation they want.
Well it is sometimes said that labrea is not for the faint of heart. And for historical reasons, it does suffer a bit from feature creep.
But labrea can break things in the network. Repeat again. labrea can break things in the network.
So that's why we try to encourage people to read the README.
However you look like a nice person. So just this once I'll make an small exception ...
Login as root, and maybe try something like this to get going:
labrea -z -s -o -b -p 10000 -i eth1 (where eth1 is your interface).
Just don't tell Tom L. I told you.
| lorgor <lorgor@users.sourceforge.net> |