First of all, sorry for my clumsy English.

General Information:
===================

fprobe: a NetFlow probe - a libpcap-based tool that collects network
traffic data and emits it as NetFlow flows towards the specified
collector.

URL: http://fprobe.sourceforge.net

Compiling and installing:
=========================

Read the INSTALL file for basic installation instructions. Below I'll try to
describe the advanced compilation options.

--with-pcap=<path>      pcap.h location
--with-libpcap=<path>   libpcap location

These options are self-explanatory. They specify the location of the libpcap
headers and library files respectively.

Example:
--with-pcap=/usr/local/pcap/include
--with-libpcap=/usr/local/pcap/lib

--with-membulk=<mode>   indexing mode: index8|index16|ptr [default=ptr]

This option concerns memory management and defines the indexing mode and
maximum memory bulk size. I shall only say that `index8' is the most
frugal mode, `ptr' is the fastest and `index16' is somewhere in the middle.

--with-hash=<type>      hash type: xor8|xor16|crc16 [default=xor16]

fprobe uses hashing to speed up flow cache searching. This option
specifies the hash type. `xor8' is very frugal with memory - it uses
only 1Kb (on 32-bit systems) for the internal flow cache structure, while
`xor16' and `crc16' use 256Kb. On the other hand, a bigger cache gives
better performance.

--enable-uptime_trick   enable uptime trick [default=yes]

Maybe later...

--enable-icmp_trick     enable icmp trick [default=yes]

If this option is enabled, fprobe will store the ICMP type and code in the
srcport and dstport NetFlow fields.

--enable-debug          enable debugging [default=no]

You may select different events for debugging: (C)apture, (U)npending,
(S)can, (E)mit, (M)emory, (F)ill and (I)nfo. The most interesting of these
(for the end user) is Info debugging - you may get general statistics about
captured packets, emitted flows and allocated memory, using kill -s USR1.
Don't forget to run fprobe with `-v7', otherwise you will not see the
debugging output.

Example:
--enable-debug          (enable all events debugging)
--enable-debug=I,C,U,E  (enable Info, Capture, Unpending and Emit debugging)

--enable-messages       enable runtime messages [default=no]

This option enables reporting of non-fatal runtime errors. Be careful - it
may flood your syslog.

Useful links:
=============

nProbe - NetFlow probe by Luca Deri:
http://www.ntop.org/nProbe.html

fprobe (namesake of my project) - NetFlow probe by Bogdan Surdu:
http://psi.home.ro/flow

Softflowd - traffic analyzer capable of Cisco NetFlow data export:
http://www.mindrot.org/softflowd.html

Cisco's NetFlow links:
http://www.cisco.com/go/netflow

Excellent links collection about Network Monitoring and Analysis:
http://www.switch.ch/tf-tant/floma

Contacts:
=========

Feel free to send any questions, comments, bug reports etc.
Contributions are welcome, including cosmetic fixes and pointing out
usability problems.

Sincerely yours,
Slava Astashonok <sla@0n.ru>
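
An added illustration of the --with-hash trade-off described above (not code from fprobe): it reproduces the 1Kb and 256Kb figures and shows how the bucket count changes the chain a cache lookup must walk. The flow_key layout, the fold8/fold16 functions and the one-pointer-per-bucket table are assumptions; the sample flows are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical flow key; the README does not show fprobe's real structure. */
struct flow_key {
    uint32_t src_ip, dst_ip;
    uint16_t src_port, dst_port;
    uint8_t  proto;
};

/* XOR-fold the key into 16 bits (illustrative, not fprobe's own function). */
static uint16_t fold16(const struct flow_key *k)
{
    uint32_t x = k->src_ip ^ k->dst_ip;
    uint16_t h = (uint16_t)(x >> 16) ^ (uint16_t)x;
    return (uint16_t)(h ^ k->src_port ^ k->dst_port ^ k->proto);
}

/* Fold once more to get an 8-bit bucket index. */
static uint8_t fold8(const struct flow_key *k)
{
    uint16_t h = fold16(k);
    return (uint8_t)((h >> 8) ^ (h & 0xff));
}

/* Size of the bucket-head table, assuming one pointer per hash value. */
static size_t table_bytes(unsigned hash_bits, size_t ptr_size)
{
    return ((size_t)1 << hash_bits) * ptr_size;
}

/* Longest bucket chain after inserting n constructed flows (bits: 8 or 16). */
static unsigned longest_chain(unsigned hash_bits, unsigned n)
{
    static unsigned count[1u << 16];
    unsigned i, max = 0;
    for (i = 0; i < (1u << hash_bits); i++) count[i] = 0;
    for (i = 0; i < n; i++) {
        /* Constructed traffic: clients 10.0.0.0+i -> 192.168.1.1:443/TCP. */
        struct flow_key k = { 0x0a000000u + i, 0xc0a80101u, 40000, 443, 6 };
        unsigned b = hash_bits == 8 ? fold8(&k) : fold16(&k);
        if (++count[b] > max) max = count[b];
    }
    return max;
}

int main(void)
{
    printf("xor8: %zu bytes, chain %u\n", table_bytes(8, 4), longest_chain(8, 4096));
    printf("xor16: %zu bytes, chain %u\n", table_bytes(16, 4), longest_chain(16, 4096));
    return 0;
}
```

With 4096 concurrent flows the 8-bit table cannot do better than 16 entries per bucket, which is the performance cost the README refers to.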