Specter is a logging tool for Linux netfilter that runs in user space. It allows users to monitor and record network traffic easily.
If you are running a Linux firewall and require fast and reliable logging software, then Specter is what you need. The software works with the standard ipt_ULOG netfilter target module, and no kernel patches are needed. Being a userspace application, it introduces much lower security and stability risk than any kernel module. Specter's power lies in its plugins, which let users define where the received packet data should go and how it should be interpreted.
The software's list of standard input and output plugins is vast, but writing your own is easy as the code is well-documented. Specter is a universal firewall logging utility that is free software licensed under GPL. Users can use it however they want, learn from its code, add their own enhancements, and pass them further on for free.
Specter is based on Harald Welte's ulogd 1.02, but it takes a slightly different approach. Its modular structure and highly configurable parameters, combined with netfilter's neat design, give users much freedom in setting up logging facilities. In addition to saving packets into files or databases, Specter allows users to do other interesting things, like making their keyboard blink in case of high net traffic or any other user-defined condition.
The latest version of Specter comes with various improvements and bug fixes. These include SSL connection support for the MYSQL and PGSQL plugins, fixed building with pgsql 8.0, updated documentation and more. Additionally, Specter has two new plugins: EXEC, which executes given commands when a packet is received, and HTTP, which parses HTTP traffic. The software also has an extended configuration syntax and the possibility to divide packets into many execution blocks. Users can learn more about this by reading the online documentation.
Version 1.4: N/A