Releases: TroutSoftware/netsniffer
v0.7.2
The main change in this release is the switch from the GNU toolchain to LLVM; we are still using the GNU C++ libraries.
Support for building on systems other than Alpine has also been removed. Bubblewrap scripts are provided to run an Alpine prompt from e.g. Ubuntu (see README.md in the root folder of the project).
A new binary serializer (serializer_bin) has been added. It takes the "content" part of the LioLi and makes it available to the different loggers. It is more or less the same as the raw serializer, but without the housekeeping headers and type info.
Snort update to 3.10.0.0, LibML added
- Updates to build system (e.g. Alpine testing added)
- Updated base Snort version to 3.10.0.0
- Added LibML to build
Bug fixing release
The important part of this release contains fixes and workarounds to issues found on some platforms.
Mainly:
- Random crash in arp monitor
- Workaround for systems that don't support max() being used as the absolute time in wait_until(..)
For development and debugging:
- Extra runtime logging for logger_tcp and trout_netflow2
- Update to pcap dumper, so it flushes before terminating when in test mode
- Improved socket_read test tool
Extended logging for Netflow and TCP logger
This release mainly adds more logging.
Bug fixing release + sh3 feature
- Fixed an error in the TCP logger, where the MSG_MORE flag was inverted when calling ::send(...)
- Updated sh3 so it outputs the name of the tmp folder used for failed testcases (so the generated output can be examined)
Bug fixing release
The release mainly contains bugfixes, better pegs and better error output.
Snort version 3.9.5.0, new serializer_filter, testcases and bugfixes
- Updated base Snort version to 3.9.5.0
- Updated base libdaq version to 3.0.21
- Added testcases to Netflow 2
- Added serializer filter that e.g. allows arbitrary strings to be postfixed to serialized output
- Added testcases to logging framework
- Fixed race condition at startup in logging framework that could lead to wrong configuration
RC3 for September release
Contains the following fixes:
- For IPv6 addresses, the enclosing [ ] are no longer part of the IP LioLi key
- For Netflow2, the current time is now transmitted in the current time field of the header, instead of in the uptime field
RC1 for September release
Release candidate including:
- Updated alert_lioli, now with more fields in the reports
- Added new netflow2, generating data in the binary netflow format
- New hex serializer, great when working with binary data during development
- New raw serializer, great for binary data, as it copies the data part of the logs unmodified
- New TCP logger, that writes logs to tcp sockets - our first logger that can handle multiple log streams and configurations
- Various minor changes to generated output, bugfixes etc.
v0.4.2
Bugfix & updated testcases release
Full Changelog: v0.4.1...v0.4.2