|
|
|
|
Changelog for silk-rwflowpack-3.19.2-101.el8.x86_64.rpm :
* Thu Mar 10 2022 2022 Lawrence R. Rogers 3.19.2-101/102 * Release 3.19.2-101/102 Rebuilt with of libfixbuf 3.0.0.alpha1 * Thu Mar 03 2022 Lawrence R. Rogers 3.19.2-1/2 * Release 3.19.2-1/2 PySiLK Fix compatibility with Python 3.9 and later. Building Add support for libfixbuf-3.0.0 (v1.7.0 and later are supported). When building with static packing-logic, include the appropriate configure flag in the generated silk.spec file. * Mon Jan 04 2021 Lawrence R. Rogers 3.19.1-3/4 * Release 3.19.1-3/4 Rebuilt for libfixbuf-2.4.1. * Thu Apr 16 2020 Lawrence R. Rogers 3.19.1-1/2 * Release 3.19.1-1/2 Add the SilkFile.skip() method to PySiLK. Fix PySiLK compatiblity with Python 3.7 and 3.8. Fix a compilation error when building SiLK without libfixbuf. * Mon Oct 28 2019 Lawrence R. Rogers 3.19.0-3/4 * Release 3.19.0-3/4 Bug fixes on 2019-10-24 release. Fixed in 2019-10-28 release. * Thu Oct 24 2019 Lawrence R. Rogers 3.19.0-1/2 * Release 3.19.0-1/2 rwaggbag, rwaggbagbuild, rwaggbagcat, rwaggbagtool Support using country codes as key fields. rwflowpack, flowcap Support a show-templates log-flag value in the sensors.conf file which enables printing of templates for specific probes. * Thu Aug 29 2019 Lawrence R. Rogers 3.18.3-1/2 * Release 3.18.3-1/2 Quiet a warning message when using libfixbuf-2.4.0. * Thu May 23 2019 Lawrence R. Rogers 3.18.2-1/2 * Release 3.18.2-1/2 Remove unintentionally-enabled debugging statements from rwflowpack. * Fri Apr 19 2019 Lawrence R. Rogers 3.18.1-3/4 * Release 3.18.1-3/4 Rebuilt for libfixbuf-2.3.1. * Thu Mar 21 2019 Lawrence R. Rogers 3.18.1-1/2 * Release 3.18.1-1/2 Add support for logging tombstone records created by YAF 2.11. * Thu Dec 13 2018 Lawrence R. Rogers 3.18.0-1/2 * Release 3.18.0-1/2 rwsetcat When --ip-format includes zero-padded and CIDR prefixes are being printed, also apply zero-padding to the prefix. Fix a bug when using --ip-format=decimal,zero-padded that caused an extra leading 0 to appear for IPv6 addresses. rwbagcat When --key-format includes zero-padded and CIDR prefixes are being printed, also apply zero-padding to the prefix. Fix a bug when using --key-format=decimal,zero-padded that caused an extra leading 0 to appear for IPv6 addresses. rwpmapcat, rwpmaplookup When --ip-format includes zero-padded and CIDR prefixes are being printed, also apply zero-padding to the prefix. Fix a bug when using --ip-format=decimal,zero-padded that caused an extra leading 0 to appear for IPv6 addresses. Fix a bug when using --ip-format=unmap-v6 where the prefix for IPs in the ::ffff:0:0/96 netblock was not adjusted to IPv4. rwcut, rwrecgenerator, rwstats, rwuniq Fix a bug when using --ip-format=decimal,zero-padded that caused an extra leading 0 to appear for IPv6 addresses. rwsender, rwreceiver Change optional TLS support to require GnuTLS-2.12.0 or later. Add a --tls-priority switch to set the priority (preference order) of ciphers, key exchange, etc. Add a --tls-security switch to set the security level of GnuTLS which determines cryptographic key sizes and security parameters. Add a --tls-crl switch to set a certificate revocation list. Add a --tls-debug-level to set the debugging level of GnuTLS. Not setting RWSENDER_TLS_PASSWORD/RWRECEIVER_TLS_PASSWORD is now treated as a NULL password, not an empty password. Exit with an error when any of the switches --tls-ca, --tls-cert, --tls-key, or --tls-pkcs12 are specified multiple times. Use GnuTLS\'s socket reading/writing functions instead of our own. rwflowpack Fix a bug that could cause rwflowpack to crash when multiple probes were processing IPFIX files. * Tue Dec 04 2018 Lawrence R. Rogers 3.17.2-5/6 * Release 3.17.2-5/6 Rebuilt for libfixbuf-2.2.0. * Thu Jul 19 2018 Lawrence R. Rogers 3.17.2-3/4 * Release 3.17.2-3/4 Rebuilt for libfixbuf-2.1.0. * Thu Jun 28 2018 Lawrence R. Rogers 3.17.2-1/2 * Release 3.17.2-1/2 rwgeoip2ccmap Add a --fields switch that gives the user control over which country-code value(s) are used when reading a GeoIP2 file. rwuniq Use a 64-bit integer for storing a bin\'s record count. rwstats Use a 64-bit integer for storing a bin\'s record count. rwaddrcount Use 64-bit integers for storing a bin\'s packet count and record count. rwflowpack In sensor.conf, add a new quirk, nf9-out-is-reverse, to simulate the behavior of libfixbuf-1.7.1; i.e., to treat the NetFlow v9 elements OUT_BYTES and OUT_PKTS as reverse-volume values. When parsing the sensor.conf file, allow double-quoted strings for the path names of IPset files. flowcap In sensor.conf, add a new quirk, nf9-out-is-reverse, to simulate the behavior of libfixbuf-1.7.1; i.e., to treat the NetFlow v9 elements OUT_BYTES and OUT_PKTS as reverse-volume values. * Mon Apr 23 2018 Lawrence R. Rogers 3.17.1-1/2 * Release 3.17.1-1/2 3.17.1 Fix a compilation failure on RedHat EL6, CentOS 6, and other systems. 3.17.0 Add support in rwaggbagtool for removing rows when a value is above or below a threashold or when an IP address is in or is not in an IPset. Change how rwsetcat displays IPv4 addresses in an IPset containing both IPv4 and IPv6 addresses. Add support for millisecond timestamps in rwuniq and rwstats. Add support for the GeoIP2 version of MaxMind\'s country code comma-separated value files and binary files. (Binary file support requires libmaxminddb library support.) * Thu Feb 15 2018 Lawrence R. Rogers 3.16.1-1/2 * Release 3.16.1-1/2 rwstats Fix a bug that occurred when using a large amount of memory and could result in corrupted output. rwuniq Fix a bug that occurred when using a large amount of memory and could result in corrupted output. rwbagcat Fix bugs that occur when using the --network-structure switch with an IPv4-specific argument and bag file contains addresses in the ::ffff:0:0/96 netblock. rwsetcat Print an error message when rwsetcat is unable to read an IPset. rwsender, rwreceiver Fix an issue when using installations of GnuTLS that do not provide support for thread locking. rwflowpack, flowcap Fix a bug where NetFlow v9 records were being ignored because the application was decoding them with the wrong internal template. Building Fix issues when determining compilation flags necessary for Python support. * Thu Nov 09 2017 Lawrence R. Rogers 3.16.0-3/4 * Release 3.16.0-3/4 Rebuilt with libfixbuf 1.8.0. * Thu Jun 29 2017 Lawrence R. Rogers 3.16.0-1/2 * Release 3.16.0-1/2 rwstats When the primary value is a distinct count, compute the number of distinct items across all bins and print each bin\'s percentage of the total distinct count. Fix bugs that may occur when computing distinct counts and not all distinct counts fit into memory. rwuniq Fix bugs that may occur when computing distinct counts and not all distinct counts fit into memory. flowrate plug-in Change how the flowrate plug-in handles flow records whose duration is zero in order to fix bizarre looking output in rwstats. The plug-in now assumes each of these flow records has a duration of 400 microseconds (0.4 milliseconds). Add the --flowrate-zero-duration switch which allows the user to set the duration that the plug-in uses for flow records whose given duration is zero. rwrandomizeip Read flow records from the standard input if the number of non-switch arguments is zero. Write the flow records to the standard output if the number of non-switch arguments is zero or one. rwswapbytes Read flow records from the standard input if the number of non-switch arguments is zero. Write the flow records to the standard output if the number of non-switch arguments is zero or one. rwflowpack, flowcap Change processing of NetFlow v9 records so that, when SiLK is compiled against libfixbuf 1.8.0, the OUT_BYTES and OUT_PKTS values are used when the IN_BYTES and IN_PKTS values are 0. flowcap Print the probe definitions to the log file when the log-level is set to debug. rwflowpack, rwflowappend, flowcap, rwsender, rwreceiver, rwpollexec Change how daemons invoke subprocesses in order to avoid creating subprocesses that deadlock and never complete. Modify start-up scripts to be more in line with the rules in the Linux Standard Base. Plug-ins Add manual pages for the cutmatch, conficker-c, and app-mismatch plug-ins. No longer install the uniq-distproto plug-in since its functionality is available as --values=distinct:protocol. * Fri Mar 24 2017 Lawrence R. Rogers 3.15.0-1/2 * Release 3.15.0-1/2 rwaggbag Create a new tool similar to rwbag: a tool to bin SiLK Flow records using a key and counter that support multiple fields and store the results in a binary Aggregate Bag file. rwaggbagbuild Create a new tool to create an Aggregate Bag file from text. rwaggbagcat Create a new tool to print the contents of an Aggregate Bag file as text. rwaggbagtool Create a new tool to manipulate binary Aggregate Bag files and create a new Aggregate Bag file. flowkey Add a new plug-in that uses the same algorithm as YAF to compute a 32-bit flow key hash. rwpmapcat Add the --output-path switch to specify the output file. POTENTIAL INCOMPATIBILITY. Note that the shortest unique prefix for the --output-type switch is now \"--output-t\". rwfileinfo Add the --xargs switch to read input file names from a file. rwsetcat Add the --output-path switch to specify the output file. Do not use the the pager when the output contains only the count of the number of IPs in a singe IPset. rwsiteinfo Add the --output-path switch to specify the output file. rwtuc Add the --xargs switch to read input file names from a file. Allow multiple fields in the input to be ignored. At shutdown, print the number of input lines that were not parsed unless --verbose is given or an error occurs. Remove the --bad-input-lines file when it is empty (in accordance with the manual page). Fix a bug that treated white space after the final delimiter as another field. Fix issues in parsing the title line when --fields is given. rwbagcat Add the --site-config-file switch to select the silk.conf file. Do not invoke the pager when --print-statistics is the only output and a destination argument is given to the switch. rwip2cc Do not use the pager when the --output-path switch is given. rwscanquery Fix a bug that prevented use of the SQLite database driver on a case-sensitive file system and caused \"make check\" to fail. Building Fix a compilation error in rwsiteinfo on Ubuntu. Remove support for fixbuf releases prior to libfixbuf-1.7.0. * Thu Nov 17 2016 Lawrence R. Rogers 3.14.0-1/2 * Release 3.14.0-1/2 IPset changes Add a new file format, record-version=5, for IPsets containing IPv6 addresses that should be more compact than record-version=4. Unless the default file format is changed at configure time, the new format must be explicitly requested using --record-version switch or via the SILK_IPSET_RECORD_VERSION environment variable. Fix a bug when working with IPsets that contain IPv6 addresses and have more than 44,739,242 internal nodes. The bug may cause the tool to crash or to loop endlessly. Reduce how quickly memory grows when building an IPset that contains IPv6 addresses. Perform additional integrity checks when reading an IPset file from disk. rwsetbuild Fix a bug introduced in SiLK-3.11.0 that may occur when computing the intersection or difference of an IPv4 IPset with an IPv6 IPset that is in record-version=4 format. Addresses in the ::ffff:0:0/96 netblock of the IPv6 IPset were ignored when the IPset contained clusters of addresses less then ::ffff:0:0. rwsetcat Allow computing the count of IP addresses in an IPset without loading the IPset into memory. rwbag Fix a bug when creating a bag whose key is attributes that causes the bag to appear to have duplicate keys. rwfileinfo Rename the title of the compression field. The title was changed unintentionally in SiLK 3.12.2 and caused iSiLK to fail. rwstats, rwuniq Do not limit the maximum hash table size to a 32-bit value on a 64-bit platform. flowcap, rwflowpack In the sensor.conf file, add support for a quirk to handle NetFlow v9 records generated by a SonicWall device where the router up-time is reported in seconds instead of milliseconds. Building Add a configure switch, --enable-ipset-compatibility, that allows changing the default IPset file format written by SiLK. The argument is the version of SiLK with which IPsets are to be compatible. The IPset file format changes at 3.7.0 and 3.14.0. * Thu Sep 29 2016 Lawrence R. Rogers 3.13.0-1/2 * Release 3.13.0-1/2 Change across all tools Add support for compressing files with \"Snappy\" compression when the Snappy library and header are found during configuration. Add support for the SILK_COMPRESSION_METHOD environment variable that provides a default value for the --compression-method switch. rwcount Do not limit the maximum array size to a 32-bit value on 64-bit platforms. rwsettool Add a --symmetric-difference switch to compute the set of IP addresses that occur in only one of two input IPsets. rwfileinfo Disable printing of the record count when the file\'s compression method is not available. rwfilter, rwfglob Fix a file-selection bug where a --start-date specified in epoch seconds that fell on a day boundary would return files for that entire day instead of for that single hour. PySiLK Fix memory leaks. Fix a bug in the silk.site.repository_iter() where an epoch-based start-date value that fell on a day boundary would return files for that entire day instead of for that single hour. rwsender Change the log messages that are written when scanning the incoming and processing directories. * Thu Jun 23 2016 Lawrence R. Rogers 3.12.2-1/2 * Release 3.12.2-1/2 rwgeoip2ccmap Restore support for binary input that was removed in SiLK 3.12.0. rwbagcat Sort the output using the value of each key\'s counter when the --sort-counters switch is given. rwbag Copy the invocation history and the notes from the source files to the output file(s). rwbagtool When inverting a bag, set the key-type of the output to the counter-type of the input. Previously it was set to custom. rwfileinfo Add a --help-fields switch. Expand the description of rwfileinfo\'s output on the manual page. rwfilter, rwfglob, rwsiteinfo Fix an unexpected fatal error that would occur when the silk.conf file contained a class that did not contain any types. Check the validity of the silk.conf file and report such errors. rwipfix2silk Write additional log messages when --log-destination is specified. rwpdu2silk Write additional log messages when --log-destination is specified. rwflowpack Change when record counts are reported in the log file: Report the number of records written to each output file only when the files are flushed. Fix a bug processing the reverse side a YAF bi-flow that stored the egressInterface in both the input and output fields. Fix a bug processing a bi-flow record that reversed the vlan interfaces on the forward record. flowcap Fix a bug when processing the reverse side a YAF bi-flow that stored the egressInterface in both the input and output fields. Fix a bug processing a bi-flow record that reversed the vlan interfaces on the forward record. rwflowappend Add locking of incremental files to prevent multiple rwflowappend invocations from processing the same file. * Thu May 05 2016 Lawrence R. Rogers 3.12.1-1/2 * Release 3.12.1-1/2 rwbagcat Fix a bug where the pager was not invoked when displaying keys as IPs or integers. rwflowpack, flowcap Make substantial changes to the handling of IPFIX and NetFlow v9 records to decrease per-record processing time. * Thu Mar 31 2016 Lawrence R. Rogers 3.12.0-1/2 * Release 3.12.0-1/2 rwbag Add a new switch --bag-file that replaces the numerous bag creation switches that previously existed. Deprecate the previous bag creation switches. Expand the list of keys that rwbag supports (e.g., start-time, sensor, TCP flags). Add support for creating a bag that contains country codes. Add support for creating a bag whose key is derived from a prefix map that maps either IP-addresses or protocol-port pairs. Add a header to the Bag file that stores the command line used to create the file. rwbagcat POTENTIAL INCOMPATIBILITY. Display a key whose type represents a time using a human-readable timestamp. Using --key-format=epoch displays the integer value. POTENTIAL INCOMPATIBILITY. Display a key whose type represents a SiLK sensor using the the sensor name. Using --key-format=decimal displays the integer value. POTENTIAL INCOMPATIBILITY. Display a key whose type represents TCP flags using the standard FSRPAUEC letters. Using --key-format=decimal displays the integer value. POTENTIAL INCOMPATIBILITY. Display a key whose type represents SiLK attributes using the standard TCFS letters. Use --key-format=decimal to display the integer value. Display a key whose type represents a country code using the two letter abbreviation. Require a prefix map to be specified via the --pmap-file switch when attempting to display a key whose type represents a mapping from a prefix map. Require the type of the prefix map to match the key-type specified in the Bag. Allow the --key-format switch to accept time-formatting and timezone arguments when printing a key that represents a time. Exit with an error when a time-format is used on a Bag whose key-type is neither a time nor \'custom\'. POTENTIAL INCOMPATIBILITY. Exit with an error when a --key-format for an IP address is used on a Bag whose key-type is neither an IP address nor \'custom\'. POTENTIAL INCOMPATIBILITY. Exit with an error when the --network-structure switch is used on a Bag whose key-type is neither an IP address nor \'custom\'. POTENTIAL INCOMPATIBILITY. Exit with an error when the --mask-ips switch is using on a Bag whose key-type is neither an IP address nor \'custom\'. rwbagbuild Add support for creating a bag that contains country codes. Add support for creating a bag whose key is derived from a prefix map that maps either IP-addresses or protocol-port pairs. When mapping from a protocol-port pair to a prefix map value, allow the delimiter between the protocol and port to be different than that between the port and the counter. Add a header to the Bag file that stores the command line used to create the file. rwgeoip2ccmap Use the first line of input to determine whether to create an IPv4 or IPv6 country code map. Add a header to the Bag file that stores the command line used to create the file. Modify the tool to more closely follow other SiLK tools. POTENTIAL INCOMPATIBILITY. Do not read the binary form of the Legacy GeoIP country code map. Only accept the comma separated value form. rwstats Allow the --count switch to accept an argument of 0 which indicates that it should print all bins. Allow the --percentage switch to accept a floating point value. rwsort Do not limit the maximum sort-buffer size to a 32-bit value on 64-bit platforms. rwdedupe Do not limit the maximum sort-buffer size to a 32-bit value on 64-bit platforms. rwcombine Do not limit the maximum sort-buffer size to a 32-bit value on 64-bit platforms. rwpmapbuild Add a header to the prefix map file that stores the command line used to create the file. rwsilk2ipfix Use multiple IPFIX templates when converting SiLK flow records. Add a --single-template switch to mimic the previous behavior. rwbagtool Fix an issue where the --compression-method switch was not applied to the IPset created by --coverset. rwflowpack, flowcap Fix a call to abort() that would occur when processing IPFIX records and a byte-count or packet-count of zero occurred in an unexpected place. Fix a bug that prevented creating a TCP IPFIX listener and a UDP IPFIX listener on the same port number. rwsender Attempt to resend any file that is not transferred unless the file is explicitly rejected by the rwreceiver. Add the --send-attempts switch that allows setting the number of attempts that are made to transfer a file. If sending a file fails and another attempt is to be made, append the file\'s name onto the back of the send queue. Allow setting of the --send-attempts switch from the configuration file and system initialization script. Fix a memory leak that may occur when rwsender is processing a file for an rwreceiver and their network connection ends. Support partial reads of a message header when GnuTLS is used. Log the GnuTLS error message that causes a connection to close. rwreceiver Support partial reads of a message header when GnuTLS is used. Log the GnuTLS error message that causes a connection to close. Building Fix several \"make check\" failures on OS X when System Integrity Protection is enabled. Remove use of pthread_atfork that preventing compilation on some systems. * Thu Oct 08 2015 Lawrence R. Rogers 3.11.0.1-1/2 * Release 3.11.0.1-1/2 3.11.0.1 Fix linking issue on Ubuntu when PySiLK support is enabled. 3.11.0 Allow rwsiteinfo to report on date ranges of files in a SiLK repository. Provide a way to set the default textual timestamp format and timezone from the environment. Provide a way to set the default textual IP format from the environment. Compile the PySiLK plug-in into the tools that can use it. Remove support for fixbuf releases prior to libfixbuf-1.6.0. Make additional changes and bug fixes. * Mon Jul 06 2015 Lawrence R. Rogers 3.10.2-3/4 * Release 3.10.2-3/4 Rebuild for libfixbuf-1.7.0. * Thu May 21 2015 Lawrence R. Rogers 3.10.2-1/2 * Release 3.10.2-1/2 Remove support for fixbuf releases prior to libfixbuf-1.4.0. Fix several bugs related to IPv6 addresses. * Thu Feb 26 2015 Lawrence R. Rogers 3.10.1-1/2 * Release 3.10.1-1/2 rwstats and rwuniq Change how rwstats and rwuniq use temporary files when distinct counts are being computed to fix the issue where the tool would sometimes exit with \"Error merging values from temporary file\". Use compression when writing to temporary files. rwsort, rwcombine, and rwdedupe Use compression when writing to temporary files. rwappend Fix a bug that could cause rwappend to remove /dev/null when run as root. flowcap Allow accept-from-host in sensor.conf to take multiple arguments. rwflowpack Allow accept-from-host in sensor.conf to take multiple arguments. Fix a potential crash when using --input-mode=respool and rwflowpack runs out of file descriptors. Building Fix a bug in the \"Requires:\" line of the generated silk.spec file when multiple optional dependencies are not available. Do not install rwscanquery when configure fails to find Perl\'s DBI module. * Thu Dec 18 2014 Lawrence R. Rogers 3.10.0-1/2 * Release 3.10.0-1/2 Important bug fixes in rwfilter and rwsetmember. rwflowpack can categorize flow records using an IPset. Several changes to logging in rwflowpack and flowcap, including a new default value. Additional changes and bug fixes. * Wed Dec 10 2014 Lawrence R. Rogers 3.9.0-9/10 * Release 3.9.0-9/10 Rebuild for libfixbuf-1.6.2. * Wed Oct 15 2014 Lawrence R. Rogers 3.9.0-7/8 * Release 3.9.0-7/8 Rebuild for libfixbuf-1.6.1. * Wed Oct 08 2014 Lawrence R. Rogers 3.9.0-5/6 * Release 3.9.0-5/6 Removed Obsoletes clause. * Mon Sep 29 2014 Lawrence R. Rogers 3.9.0-3/4 * Release 3.9.0-3/4 Rebuild for libfixbuf-1.6.0. * Thu Sep 25 2014 Lawrence R. Rogers 3.9.0-1 * Release 3.9.0-1 New tool rwcombine creates a single flow record from multiple records that represent a single, long-lived session. Several enhancements to rwmatch. Support for collecting sFlow v5 records (uses libfixbuf-1.6.0). Additional enhancements and bug fixes. * Thu Jul 31 2014 Lawrence R. Rogers 3.8.3-1 * Release 3.8.3-1 rwstats and rwuniq Fix a bug when --fields contained \"dPort\" followed by \"icmpTypeCode\" that caused the \"dPort\" field to display as 0. Additional changes and bug fixes * Thu Apr 24 2014 Lawrence R. Rogers 3.8.2-1 * Release 3.8.2-1 Add multiple thread support to rwflowappend. Support logging of IPFIX and NetFlow v9 templates received by rwflowpack and flowcap. Revision 1 - without IPA Revision 2 - with IPA * Mon Mar 17 2014 Lawrence R. Rogers 3.8.1-2 * Release 3.8.1-2 Took the time to make the build process cleaner so that it does not try to use programs that aren\'t installed. * Thu Jan 30 2014 Lawrence R. Rogers 3.8.1-1 * Release 3.8.1-1 See http://tools.netsa.cert.org/silk/releasenotes.html#release-3.8.1 for the changes in this release. * Thu Nov 21 2013 Lawrence R. Rogers 3.8.0-1 * Release 3.8.0-1 Allow rwpmaplookup to print the range that contains the key Improve handling of records from some devices that export NetFlow v9 Add support for libfixbuf-1.4.0 and remove support for releases prior to libfixbuf-1.2.0 * Sun Aug 18 2013 Lawrence R. Rogers 3.7.2-1 * Release 3.7.2-1 PySiLK changes Add IPSet.is_ipv6() and IPSet.convert() methods. Fix a bug when saving an IPv6-IPset that contains only IPv4 addresses. IPset bug fixes Fix bugs when computing the union or intersection of an IPv4-IPset and an IPv6-IPset that contains only IPv4 addresses. rwfilter bug fixes Fix a spurious warning when loading an IPset. Fix a memory issue during shutdown when an argument to one of the -- *cidr switches (--scidr, --dcidr, etc) is mistyped. rwflowpack, flowcap bug fixes Fix a bug where the daemon failed to read TCP flags contained in a SubTemplateMultiList when reading IPFIX data over the network. Fix a memory leak when receiving IPFIX data containing a SubTemplateList or a SubTemplateMultiList. * Thu May 30 2013 Lawrence R. Rogers 3.7.1-1 * Release 3.7.1-1 rwpmaplookup enhancement Add --ipset-files switch that supports using IPsets to query prefix maps. rwdedupe bug fix Fix a crash that would occur when using --xargs with an empty list of files. rwsort bug fix Create a valid SiLK Flow file when using --xargs with an empty list of files. rwcut bug fix Print the title line when using --xargs with an empty list of files. rwrecgenerator bug fix Fix a bug when using --sensor-prefix-map that would set either the source or destination address to a random value. Building Fix a small issue in the silk.spec file when the dist RPM macro was not defined. * Thu May 30 2013 Lawrence R. Rogers 3.7.0-1 * Release 3.7.0-1 Add a new IPset file format which requires less disk space. Add new --ip-format switch to control how IPs are displayed. Add new --any-index and --any-cc switches to rwfilter. Add manual pages for rwflowpack\'s packing-logic plug-ins. Change how rwflowpack and flowcap report out-of-sequence NetFlow V5 packets. * Tue Apr 23 2013 Lawrence R. Rogers 3.6.1-1 * Release 3.6.1-1 Fix a bug in rwflowpack that caused the --pack-interfaces switch to be ignored. * Thu Apr 11 2013 Lawrence R. Rogers 3.6.0-1 * Release 3.6.0-1 Use the smaller SiLK-2 IPset memory representation for IPsets that contain only IPv4 addresses. Change sending output-mode in rwflowpack. Add a new incremental-files output-mode to rwflowpack. Have rwflowpack and flowcap record lost NetFlowV9 packets (requires libfixbuf-1.3.0). Add ability for rwreceiver to monitor disk usage. Verify that the --post-command switch and similar switches do not contain any unrecognized . Many additional changes and bug fixes. * Tue Mar 12 2013 Lawrence R. Rogers 3.5.1-2 * Release 3.5.1-2 New release linked with libfixbuf 1.3.0 * Thu Dec 20 2012 Lawrence R. Rogers 3.5.1-1 * Release 3.5.1-1 Fix bug in the IPset library that made it impossible to store very large IPset files. Various changes to rwsiteinfo. Fix issue in rwreceiver that could cause it to close valid connections. * Thu Nov 01 2012 Lawrence R. Rogers 3.5.0-1 * Release 3.5.0-1 Add country code support for IPv6 addresses. Fix issue in rwreceiver that could cause it to close valid connections. Fix a bug on 32-bit platforms when reading files compressed with LZO that could cause memory corruption. Modify how rwflowappend determines the hourly file in which flow records are to be stored. Several additional bug fixes. * Thu Sep 27 2012 Lawrence R. Rogers 3.4.1-1 * Release 3.4.1-1 Add new --tail-recs switch to rwcut. Fix issue where receiving incorrect data from a previously rejected UDP client could case rwflowpack or flowcap to exit. * Thu Sep 13 2012 Lawrence R. Rogers 3.4.0-1 * Release 3.4.0-1 Modify how SiLK decodes the ICMP type and code stored in certain SiLK Flow records. Provide the new configure option --disable-silk3-ipsets which causes SiLK to use the IPset library as it existed in SiLK-2. When this switch is used, IPsets cannot store IPv6 addresses. Add support for libfixbuf-1.2.0, which allows multiple NetFlow v9 sources to connect to the same port. Add enhancements to rwsetcat, rwsetmember, rwscan. Fix bugs in rwuniq, rwstats, rwcut, rwipfix2silk. * Wed Aug 01 2012 Lawrence R. Rogers 3.3.4-1 * Release 3.3.4-1 * Fix bug where rwscanquery would attempt to write a file beginning and ending with a quote character. * Fix potentional issue in rwsender when attempting to exit after encountering an unexpected condition. * Thu Jul 19 2012 Lawrence R. Rogers 3.3.3-1 * Release 3.3.3-1 * Fix bug in log file locking and rotation. * Thu Jul 12 2012 Lawrence R. Rogers 3.3.2-1 * Release 3.3.2-1 * Fixes in the IPset and Bag tools. * Thu Jun 14 2012 Lawrence R. Rogers 3.3.0-1 * Release 3.3.0-1 * Critical fixes in rwuniq, rwstats, and the IPset tools. * Enhancements to rwscanquery * In flowcap, new log messages record the number of record processed for IPFIX probes and NetFlow v9 probes. * Thu Apr 26 2012 Lawrence R. Rogers 3.2.1-1 * Release 3.2.1-1 * Fix an issue when using multiple compressed IPsets in rwfilter on MPI. * Make rwflowpack and flowcap more robust with respect to error codes returned by libfixbuf. * Fix issues that prevented daemons from shutting down cleanly on some BSD OSes. * Tue Mar 20 2012 Lawrence R. Rogers 3.2.0-1 * Release 3.2.0-1 * Fix an issue when creating files on MPI where the compression was set to \"default\" or \"best\". * Additional bug fixes. * Wed Feb 15 2012 Lawrence R. Rogers 3.1.0-1 * Release 3.1.0-1 * rwflowappend uses advisory write locks to prevent multiple rwflowappend processes from each attempting to write to the same file. * Fix several issues in handling IPFIX. * Ignore IPFIX records that report a byte or packet count of zero. * Fri Sep 30 2011 Lawrence R. Rogers 3.0.0-1 * Release 3.0.0-1 * Support for IPv6 addresses in IPsets, Bags, and Prefix Maps. * New tools: rwsiteinfo, rwpmaplookup, rwpdu2silk * Improved IPFIX support, including allowing collection from multiple sources on a single TCP port. libfixbuf-1.0.0 is now required.
|
|
|