Changelog for yaf-devel-3.0.0.alpha1-1.fc33.x86_64.rpm:
* Mon Feb 28 2022 Lawrence R. Rogers 3.0.0.alpha1-1
* Release 3.0.0.alpha1-1
  - Merged the configuration files yafApplabelRules.conf and yafDPIRules.conf into a single file written in Lua. Previous versions of those files will not work with this version of yaf.
  - Changed Deep Packet Inspection (DPI) support to be compiled into yaf when requested by configure; it is no longer a plug-in. Run configure with --enable-dpi to enable the capability; run yaf with --dpi to use it. Specifying --dpi enables application labeling; it is no longer necessary to explicitly specify --applabel when enabling DPI.
  - Changed yaf to export metadata about information elements and templates by default: both as compile-time and run-time options. To disable on an invocation, run yaf with the --no-element-metadata and/or --no-template-metadata switches. To disable support entirely, pass --disable-metadata-export to configure. (Note that super_mediator-2.0.0 works best with template metadata enabled.)
  - Updated yaf to use the enhanced template metadata available in libfixbuf-3.0.0. This allows yaf to declare that it only uses some templates within sub-records (that is, within a subTemplateList or subTemplateMultiList). The metadata also describes the information element yaf uses in its basicLists.
  - Added the yaf command line option --payload-applabel-select to enable exporting payload data for only selected appLabel values.
  - Updated the regular expressions used for application-labeling.
  - Changed numerous aspects of the DPI data.
  - Updated, rearranged, and fixed bugs in SMTP DPI.
  - Added fields for more DNSSEC values and fixed other bugs in DNS DPI.
  - Renamed the configure option --enable-p0fprinter to --with-p0f.
  - Renamed the configure option --enable-ndpi to --with-ndpi.
  - Fixed bugs in POP3 DPI.
  - Removed support for the Spread toolkit.
  - Removed support for the popt options parser.
  - Updated fixbuf requirement to libfixbuf-3.0.0.
* Thu Oct 14 2021 Lawrence R. Rogers 2.12.2-1
* Release 2.12.2-1 Added new protocols to the yafAppLabelRules.conf file and updated several regular expressions. Changed the regexes used by the SMTP DPI plugin and improved capture when multiple messages appear in a single SMTP session. Fixed a crash in the SMTP DPI plugin when reading uniflow records. Updated the POP3 DPI plugin. Updated yafzcbalance to be compatible with PF_Ring-8.
* Tue Aug 17 2021 Lawrence R. Rogers 2.12.1-2
* Release 2.12.1-2 New version of libpfring with patch from NetSA.
* Tue Dec 22 2020 Lawrence R. Rogers 2.12.1-1
* Release 2.12.1-1 Changed the templates and IEs used for SMTP DPI. The new templates use different IDs than those used by previous releases of YAF. super_mediator-1.8.0 or later is required to read this format. Currently there is no version of Analysis Pipeline that reads the SMTP DPI. First public release of YAF 2.12.x.
* Fri Nov 20 2020 Lawrence R. Rogers 2.11.2-1
* Release 2.11.2-1 Fixed bugs in NTP and DNS deep packet inspection. Fixed a compilation error when building with metadata export enabled. Fixed possible compilation errors when building with nDPI support. Fixed compilation errors when building with newer versions of PF_Ring.
* Fri Mar 27 2020 Lawrence R. Rogers 2.11.0-4
* Release 2.11.0-4 Added PF_Ring support for CentOS/RHEL 8.