SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for yaf-devel-2.9.0-1.fc23.x86_64.rpm :

* Mon Oct 23 2017 Lawrence Rogers 2.9.0-1
* Release 2.9.0-1 nDPI library suppport added Added NTP applabel Added RFC5610 template metadata (name and description) record output. Add option --no-vlan-in-key to drop VLAN ID from hash calculation Minor Bug Fixes
* Sun Oct 22 2017 Lawrence Rogers 2.8.4-3
* Release 2.8.4-3 Build with new version of pfring
* Fri Jan 20 2017 Lawrence Rogers 2.8.4-2
* Release 2.8.4-2 Build with option --with-pfring
* Thu Apr 14 2016 Lawrence Rogers 2.8.4-1
* Release 2.8.4-1 2.8.4 Fix incompatibility with older versions of libpcap introduced in 2.8.3 2.8.3 Important bug fix for versions 2.8.x. Fixes a bug in decoding specific TCP Options headers.
* Tue Apr 05 2016 Lawrence Rogers 2.8.2-1
* Release 2.8.2-1 Fix application labeling bug introduced in 2.8.0 which incorrectly labels particular REGEX labels Other Bug Fixes
* Thu Feb 04 2016 Lawrence Rogers 2.8.1-1
* Release 2.8.1-1 Fix compile error when configured with --disable-payload Force buffer emit with IPFIX Options record when inactive
* Tue Dec 22 2015 Lawrence Rogers 2.8.0-1
* Release 2.8.0-1 Remove support for fixbuf releases prior to libfixbuf-1.7.0 PF_RING support PF_RING ZC (Zero Copy) support Add support for gzip\'d PCAP files Add support for decoding MPTCP headers and exporting MPTCP information Add LUA configuration file for yaf startup New SSL Server Name field export from TLS/SSL Client Hello New option for exporting entire X.509 Certificate Add Fragment flag to flowAttributes to signify that a flow contained fragmented packets DHCP fingerprinting plugin now exports basic list of options by default ipfixDump prints number of records for each template Bug Fix for labeling DNS over TCP Bug Fix for reverseFlowDeltaMilliseconds field Bug Fix for collecting X.509 Certificates through a proxy More detailed information about ignored packets on termination/SIGUSR1
* Tue Oct 20 2015 Lawrence Rogers 2.7.1-3
* Release 2.7.1-3 New release built with libfixbuf 1.7.1.
* Tue Jul 07 2015 Lawrence Rogers 2.7.1-2
* Release 2.7.1-2 New release built with libfixbuf 1.7.0
* Tue Jan 27 2015 Lawrence Rogers 2.7.1-1
* Release 2.7.1-1 Fix a bug with --flow-stats in particular configurations
* Wed Jan 07 2015 Lawrence Rogers 2.7.0-1
* Release 2.7.0-1 New Gh0st RAT Application Label New NetBIOS Datagram Service Application Label yafMeta2Pcap can now accept IPFIX input getFlowKeyHash now exports IPFIX Support for indexing PCAPNG files New YAF option --no-output to produce no IPFIX output New YAF options --hash and --stime to search for a single flow with the given hash and start time DNS DPI now exports query section of resource record for all responses with nonzero RCODE Faster searching of pcap-meta files Implement SAME_SIZE flag for TCP flows Minor Bug Fixes
* Mon Dec 08 2014 Lawrence Rogers 2.6.0-4
* Release 2.6.0-4 New release built with libfixbuf 1.6.2
* Wed Oct 15 2014 Lawrence Rogers 2.6.0-3
* Release 2.6.0-3 New release built with libfixbuf 1.6.1
* Tue Sep 30 2014 Lawrence Rogers 2.6.0-2
* Release 2.6.0-2 New release built with libfixbuf 1.6.0
* Wed Sep 03 2014 Lawrence Rogers 2.6.0-1
* Release 2.6.0-1 Added a new tool, ipfixDump, to read and dump the contents of IPFIX files. Requires Fixbuf 1.4.0 or later. Add LDAP application label Filedaemon can now move files from one directory to another without passing to a child program SSL/TLS DPI modification to capture SSL record version Update CERT PEN Information Elements to use full information model if Fixbuf 1.4.0 or later is available Fix for Modbus application label to reduce false positives Bug Fix for TOS field when running with --uniflow Bug Fix in RPM spec file Bug Fix for labeling malformed DNS packets Bug Fix for processing out of order packets with --force-read-all Bug Fix for exporting reverse payload Other minor bug fixes
* Wed Aug 20 2014 Lawrence Rogers 2.5.0-3
* Release 2.5.0-3 New release built with libfixbuf 1.5.0. This release was rebuilt for CentOS 6 which was linked incorrectly with the previous version of libfixbuf.
* Fri Aug 08 2014 Lawrence Rogers 2.5.0-2
* Release 2.5.0-2 New release built with libfixbuf 1.5.0
* Tue Mar 04 2014 Lawrence Rogers 2.5.0-1
* Release 2.5.0-1 Bug Fix for indexing rolling pcap files Added MPLS flow hashing and label export Add option for yafMeta2Pcap to take a list of pcap files Non-IP flow data can be exported in MPLS mode Added Napatech 3GD support Added Netronome support Added DNP3 application labeling and configurable DPI Added Modbus application labeling and configurable DPI Added Ethernet/IP application labeling and configurable DPI YAF DPI plugin now exports RTP Payload Type Added compile time option to enable local-time logging New Bittorrent application label Added Daemonizing capability within YAF Added option to disable promiscuous mode on device Added LDP application label for MPLS support Added Juniper Ethernet (DLT_JUNIPER_ETHER) link layer support getFlowKeyHash can now accept IPFIX input Interface recording is now enabled by default for capture cards Bug Fix for pcap-per-flow option Type of Service Field now exported
* Thu Jan 16 2014 Lawrence Rogers 2.4.0-3
* Release 2.4.0-3 Removed references to p0
* Thu Dec 12 2013 Lawrence Rogers 2.4.0-2
* Release 2.4.0-2 New release linked with libfixbuf 1.4.0
* Fri May 03 2013 Lawrence Rogers 2.4.0-1
* Release 2.4.0-1 New HTTP DPI Fields Updated DPI Elements Bug Fix to not replace yaf.conf on install New application label: VMware server console Added support to decode ERSPAN headers Drop statistics are updated when statistics messages are exported yafcollect bug fix Other Bug Fixes
* Tue Mar 12 2013 Lawrence Rogers 2.3.3-2
* Release 2.3.3-2 New release linked with libfixbuf 1.3.0
* Wed Jan 30 2013 Lawrence Rogers 2.3.3-1
* Release 2.3.3-1 init.d script improvements Allow yafmeta2pcap to accept multiple files Report drop statistics on SigUsr1 Bug Fixes
* Fri Sep 14 2012 Lawrence Rogers 2.3.2-2
* Release 2.3.2-2 Bug Fix to maintain compatibility with older versions of GLib and libpcap
* Mon Sep 10 2012 Lawrence Rogers 2.3.1-1
* Release 2.3.1-1 DPI Improvements Additional Pcap Export Option --index-pcap Add option to manually set ingress/egress interface fields Add tool to create pcap from pcap metafile Bug Fixes
* Tue Jun 26 2012 Lawrence Rogers 2.2.2-2
* Release 2.2.2-2 Rebuilt for libfixbuf-1.1.2
* Fri Mar 30 2012 Lawrence Rogers 2.2.2-1
* Release 2.2.2-1 Bug Fix for Vlan Tagging
* Thu Mar 29 2012 Lawrence Rogers 2.2.1-3
* Release 2.2.1-3 Enabled -enable-ltdl-install=no to avoid conflicts with other packages
* Thu Mar 29 2012 Lawrence Rogers 2.2.1-2
* Release 2.2.1-2 Enabled the following options: - enable-applabel - enable the packet payload application label engine - enable-p0fprinter - enable the p0f based OS finger printing capability - enable-plugins - enable YAF to load plugin extensions
* Thu Mar 08 2012 Lawrence Rogers 2.2.1-1
* Release 2.2.1-1 Bug Fixes
* Sun Feb 19 2012 Lawrence Rogers 2.2.0-1
* Release 2.2.0-1 New Application Labels (MSNP, RTP, RTCP, Jabber) Rolling Pcap output and pcap-per-flow option. CERT p0f Fingerprints included. New option to process out-of-sequence flows. Several other bug fixes.
* Tue Jan 03 2012 Lawrence Rogers 2.1.2-2
* Release 2.1.2-2 Rebuilt for libfixbuf-1.1.1
* Fri Sep 23 2011 Lawrence Rogers 2.1.2-1
* Release 2.1.2-1 Added new --plugin-conf switch for adding a configuration file to a plugin Added new --p0f-fingerprints switch to give location of p0f fingerprint files Bug Fixes
* Tue Sep 13 2011 Lawrence Rogers 2.1.1-2
* Release 2.1.1-2 Rebuilt for libfixbuf-1.0.2
* Thu Aug 11 2011 Lawrence Rogers 2.1.1-1
* Release 2.1.1-1 Important bug fix for application labeling SSL plugin
* Wed Jul 27 2011 Lawrence Rogers 2.1.0-1
* Release 2.1.0-1 New Information Element exported in every flow record, flowAttributes (CERT PEN 6871, IE 40). YAF now checks if a flow has fixed-size packets and exports this flag using the new flowAttributes Information Element (see yaf) Reset Application Label on UDP-uniflows for Deep Packet Inspection Fixed yafscii invalid parameter bug that may have existed on certain platforms Added VNC (RFB Protocol) application label DPI Enhancements FlowEndReason IPFIX field is now set to 31 for udp-uniflows For Cygwin: Added support for getting the yaf config directory via the Windows Registry Several other bug fixes
* Mon Jun 13 2011 Lawrence Rogers 2.0.2.1
* Release 2.0.2-1 Improvements with Reassembly of TCP Fragments. Bug Fix for DNS Deep Packet Inspection. --no-frag switch now works. Bug Fix for expiring flows that exceed the idle timeout when reading from a file. Added the ability to configure YAF with WinPCAP.
* Thu Apr 28 2011 Lawrence Rogers 2.0.1-1
* Release 2.0.1-1 Bug Fix for compile error with --enable-daginterface Enhancement for SNMPv3 application labeler
* Thu Apr 28 2011 Lawrence Rogers 2.0.0-1
* Release 2.0.0-1 This version requires libfixbuf-1.0.0 or greater. Added Napatech Adapter Integration (requires libpcapexpress). YAF now exports TCP, payload, finger printing, p0f, MAC, entropy, and DPI flow information within an IPFIX subTemplateMultiList data type. Added the ability to export YAF capture statistics using IPFIX Options Templates. The --stats or --no-stats were added to configure YAF stats output. Added the ability to define Spread group types to use Spread as a manifold for flow export based on application, port, protocol, version, or vlan. Added New Application Labels: DHCP, AIM, SOCKS, SMB, SNMP, NETBIOS. Added a time-out buffer flush function. Added SSL Certificate Capture. Added DNS Resource Record Parsing. Added Deep Packet Inspection for the MySQL protocol. The --silk switch will maintain compatibility with SiLK by not nesting TCP information in the subTemplateMultiList data type. Deep Packet Inspection elements are read from one configuration file. Added the ability to create new DPI elements from configuration file. Added UDP Export and Template Retransmission. Many Bug fixes and other enhancements.
* Thu Feb 03 2011 Lawrence Rogers 1.3.2-1
* Release 1.3.2-1 Bug fix for dnsplugin.c Minor bug fix for fingerprint exporting.
 
ICM