For instructions covering the installation, configuration, and use of
the packet vault, see doc/ops.html.

For an introduction to the packet vault source code, read doc/ops.html,
the brief introduction below, and then the README files in each
directory.

The packet vault software has the following components:

listener: When the kernel gets a packet from the network interface, it
  passes a copy to the BPF subsystem.  The BPF code buffers incoming
  packets and periodically writes them to a file in a memory file system
  (mfs).  Though this is done in-kernel by a specially modified version
  of the BPF code, the operation is overseen by a user-space
  ``listener'' process.  When the destination mfs file exceeds 16
  Megabytes, or when more than a minute passes, the listener renames the
  file and starts a new file.  We call each resulting raw packet file a
  ``segment''.  The code for the listener is in the listen directory,
  and the kernel bpf modifications are in the sys/net directory.
encrypter: The encrypter reads each new segment from mfs, encrypts it,
  and writes the result to disk.  The main code for the encrypter is in
  the dump directory.
archiver: Each gigabyte's worth of encrypted segments is collected into
  a ``volume''.  The archiver encrypts the volume key and translation
  table key using a public key and writes the result, together with all
  of the encrypted segments, to tape.  Multiple volumes may be written
  to one tape.  The code for the archiver is contained in the pilot
  directory, along with the pilot.tcl script which oversees the
  operation of the listener and the encrypter and is responsible for
  generating volume and translation table keys.
decrypter: The code in the decrypt directory is responsible for
  decrypting segments, and the pilot/retrieve.pl script uses that code
  to retrieve and decrypt volumes on tape.

In addition, the cryptographic routines are isolated in the crypto
directory, which in turn uses the code in the des and crypto/rijndael
directories for the DES and AES algorithms, respectively.  The bpf
directory has a few functions for reading the raw packet files which are
created by the listener.
