I started implementing this because I am thinking of making prads a bit more connection oriented. In stead of branching prads, I started a small perl script, and I quickly saw that it could do well as a standalone daemon in my sguil environment. So it now has its own life.
I will polish a bit more on it, and then start porting the functionality into prads for some performance testing. The idea, is that making prads aware of connections, one can do regexp on parts of the traffic, and not the whole traffic (to save cpu cycles on tcp/udp service/client detection).
Check it out/Clone it! Feedback is always wellcome!
“Know your connections!”