Requirements
------------

libpcap 0.7.2 or higher. You can use earlier versions if you hack your
libpcap include files to fix a minor C++ bug in the pcap.h header file, as
described in README.

Using
-----

The command line arguments netdumpd takes are a subset of those that
tcpdump takes. The -w argument (which tells netdumpd where to write the
packets to) is required.

    netdumpd -i eth0 -w /var/log/netdump

You can also specify a BPF filter:

    netdumpd -i eth0 -w /var/log/netdump src 10.0.0.1 and port 80

If netdumpd successfully started, you should see a message about starting
up in your syslog (daemon facility), or an error explaining why it did not.

The log can be rotated like other types of logs:

    mv /var/log/netdump /var/log/netdump.1
    killall -HUP netdumpd

You should then see a message about re-opening the log file in your
syslog.

netdumpd will gracefully close the log file & exit when it receives
SIGTERM.

Building and Installing
-----------------------

To build and install:

    ./configure
    make
    make install

Run ./configure --help to see a list of options to change things like the
installation directory.

If configure tells you you don't have pcap.h when you do, or if make fails
with "previous declaration" errors, see README.
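The rotation procedure from the Using section (move the file, then SIGHUP
netdumpd so it reopens the log) as a script that keeps several generations
and verifies the daemon actually recreated the capture file. This is an
added example, not part of netdumpd; the log path, generation count and the
use of pkill are assumptions, and the signal command is a parameter so the
functions can be exercised without a running daemon.

```shell
#!/bin/sh
# Added example: multi-generation rotation of the netdumpd capture file.
# Not part of netdumpd. Assumes pkill(1) is available when run for real.
set -eu

# rotate_logs LOG KEEP: shift LOG.(KEEP-1) .. LOG.1 up by one generation,
# dropping the oldest, then move LOG to LOG.1. Returns 1 if LOG is absent.
# The mv must happen before the SIGHUP: netdumpd keeps writing to the open
# inode (now LOG.1) until it reopens, so no packets are lost in between.
rotate_logs() {
    log=$1; keep=$2
    i=$keep
    while [ "$i" -gt 1 ]; do
        prev=$((i - 1))
        [ -f "$log.$prev" ] && mv -f "$log.$prev" "$log.$i"
        i=$prev
    done
    [ -f "$log" ] || return 1
    mv -f "$log" "$log.1"
}

# reopen_capture LOG SIGNAL_CMD...: run the signal command (normally
# "pkill -HUP -x netdumpd") and wait up to ~5s for the new LOG to appear,
# which is the check that the reopen message in syslog corresponds to.
reopen_capture() {
    log=$1; shift
    "$@"
    n=0
    while [ "$n" -lt 50 ]; do
        [ -f "$log" ] && return 0
        sleep 0.1
        n=$((n + 1))
    done
    echo "netdumpd did not recreate $log after SIGHUP" >&2
    return 1
}

# Usage: rotate_netdump.sh /var/log/netdump 5
# (with no arguments the script only defines the functions)
if [ "$#" -eq 2 ]; then
    rotate_logs "$1" "$2" && reopen_capture "$1" pkill -HUP -x netdumpd
fi
```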