4 commits
Author | SHA1 | Message | Date | |
---|---|---|---|---|
seb
|
a4b9471c27 |
Update to version 0.67.
Package changes: bl3ify, record build options, remove obsolete AUTOMAKE_POST_PATTERNS, support new PostgreSQL feature. Changes since last packaged version: * 12-4-2003 flow-tools 0.67 released. * flow-export: pgsql support from wyu@ateneo.edu * docs: flow-report: Added description of reports. * ftlib: ftfil.c - match_end_time() broken - noted by "Joe Loiacono" <jloiacon@csc.com> * ftlib: fttag.c - better syntax checking for or-src/dst and set-src/dst * ftlib: ftlib.h FT_TAG_TYPE_MATCH_NEXTHOP duplicated - flow-tag crash with next-hop type noted by Maxim Grigoriev <maxim@fnal.gov> * ftlib: ftstat.c - broken ip-destination-address-source-count. patch from "Shigeki Taniguchi" <staniguchi@csc.com> * flow-fanout: filters not loaded - noted by RAR@syssrc.com * ftlib: missing function prototypes for ftstat_*, rename bind to binding to prevent shadowing bind(). patch from Bill Fumerola <billf@mu.org> * flow-fanout, flow-capture. Process SIGTERM like SIGQUIT so flow-tools will work better under daemontools - req by Bernhard Weisshuhn <bkw@weisshuhn.de> * docs: flow-nfilter and flow-cat TIME/DATE parsing section. * flow-dscan: drp->flags not updated when loading saved state - patch from Jon Snyder <jon@pdx.edu> * flow-dscan: allow concurrent -w and -W, patch from Dan Thorson <dan.thorson@seagate.com> * docs: flow-print -f24 - noted by noted by Christian Bauer <Christian.Bauer@NEFkom.de> * dist: tag.sym and tag.cfg example files reversed - noted by * ftlib: ftlib.h - FT_TAG_SET and FT_TAG_OR are broken - patch from Valtteri Vuorikoski <vuori@geo0-hel-fi.magenta.net> * ftlib: ftrec.c - add 1005to5 translation - patch from Valtteri Vuorikoski <vuori@geo0-hel-fi.magenta.net> * flow-stat -f0 will try to divide by 0 with an empty flow file - noted by Mike Hunter <mhunter@ack.Berkeley.EDU> * flow-capture: -u preserve unherited umask - patch from Everton da Silva Marques <everton@lab.ipaccess.diveo.net.br> * flow-receive: remove -m and -A. * flow-capture: remove -m and -A, functionality is now in xlate -x -X. * flow-xlate: - config file based now. * docs: flow-report: note which fields are sortable and what the key field is. * flow-capture: accept()'s 3rd arg should be casted to socklen_t*, noted by Alistair.McGlinchy@marks-and-spencer.com * docs: flow-nfilter, port is 0..65535 not 0..255 - noted by Mike Hunter <mhunter@ack.Berkeley.EDU> * ftlib: ftlib.h - set-{dst,src} and or-{dst,src} constants not correct - patch from Valtteri Vuorikoski <vuori@geo0-hel-fi.magenta.net> * ftlib: ftchash.c - ftchash_sort() should not try to sort 0 entry table - noted by "Shane D." <shane.dawalt@wright.edu> * flow-import: missing !HAVE_STRSEP compatability - patch from Alistair.McGlinchy@marks-and-spencer.com * ftlib: ftstat.c - output path not parsed correctly with leading whitespace -- noted by Maxim Grigoriev <maxim@fnal.gov> * ftlib: fttag.c - src->source dst->destination * ftlib: fttag.c - ip-address, exporter, interface tag actions, requested by Tim Irwin <tim@arch.bellsouth.net> * ftlib: ftsym.c - ftsym_new() should handle null filename - noted by Celso Alves Vieira <celso@telemar.com.br> * flow-dscan: buf len 64, not 54 - Anil Madhavapeddy <anil@recoil.org> |
||
seb
|
ba93f617f3 |
Update to version 0.66.
NOTE: The names of the default configuration files has changed. They now end in `.cfg' or `.sym'. Approved by MAINTAINER. Changes since last packaged version: * 4-3-2003 flow-tools-0.66 released * reapply flow-fanout linux patch, also infected flow-send * 4-3-2003 flow-tools-0.65 released * flow-send, flow-fanout: -s source IP address spoofing. * build: builddir != srcdir problems - noted by jos@catnook.com * build: All default config files installed by default. * build: config files end in .cfg, symbol files end in .sym. Note this changes the names of the default configuration files. * ftlib: ftfil.c - random sample filter - reqested by Edward Balas <ebalas@iu.edu> * ftlib: ftstat.c - ip-destination-address-source-count missing count - noted by Christian Cinetto <cinetto@garr.it> * build: example tags file installed by default. * ftlib: ftstat.c - broken ip-source-address/ip-destination-port - noted by Gerhard.Haindl@t-systems.at * ftlib: ftstat.c - broken ip-destination-address/destination-as - noted by carsten.strahler@lambdanet.net * remove bin scripts (mostly historical OSU stuff) * upgrade to automake 1.7.3 and autoconf 2.57 * docs: flow-report.sgml missing ip-source/destination-address/ip-protocol/ip-tos/ip-source/destination-port noted by shane.dawalt@wright.edu * flow-fanout: will not compile under linux - patch from alex.shepard@gettyimages.com * ftlib: ftstat.c - use FMT_SYM_LEN instead of hard coded 32 byte length. increase len to 64 bytes. * ftlib: fmt.c - fmt_uint*s() did not properly null terminate when symbol strlen >= max - noted by jed@onenet.net * 2-23-2003 flow-tools-0.64 released * flow-fanout, flow-capture, flow-receive: add startup= to STAT: line * docs: flow-fanout - missing -f -F - noted by RAR@syssrc.com * flow-split: consuming too many resources, noted by fin@finseth.com * ftlib: ftstat.c - rec2: in summary-detail report missing time_real field - noted by shane.dawalt@wright.edu * build: strouq() -> strtoull(). Check if strtoul() is really strtoull() - noted by shane.dawalt@wright.edu * ftlib: ftstat.c - protect potential divide by 0 errors - noted by shane.dawalt@wright.edu * flow-split: stag not initialized - patch from fin@finseth.com * build: ftlib.h should not require ftconfig.h - noted by jan@kneschke.de * build: lib/ftconfig.h does not belong in dist - noted by jos@catnook.com * ftlib: ftlib.h - FT_SO_RCV_BUFSIZE default to 4MB * ftlib: suppport.c - bigsockbuf() - more agressive reduction on large buffers. Report size. * ftlib: ftmask.c - flow-mask: rn_deladdr(): failed. Missing masklen set - noted by nik.hinson@assurance-dynamics.com * ftlib: ftfil.c - invert option to filter-definition req by mhyde@escape.ca * ftlib: shadowed variable names - fumerola@yahoo-inc.com * flow-cat: exit status 1 if no streams processed - req by mhunter@ack.Berkeley.EDU * ftlib: ftstat.c - bucket_dump_1(): loop typo noted by nik.hinson@assurance-dynamics.com * flow-capture: reload tags and filters with SIGHUP * flow-import: format4 wire format. * ftlib: ftstat.c - tag mask option should not require local tagging - noted by clay@bloomcounty.org * flow-*: catch extra command line args - noted by rcarrara@augustmail.com * ftlib: fttag.c - fix ToS tagging, add ANY tagging. |
||
seb
|
0b958de510 |
Update to version 0.63. Lots of changes and new features, see below.
Note: include files installed in $PREFIX/include/flow-tools, examples configuration files and scripts installed in $PREFIX/share/examples/flow-tools, configuration files are expected in $PKG_SYSCONFDIR/flow-tools. * 12-12-2002 flow-tools-0.63 released * ftlib: ftstat.c - More informative error message when invalid field - patch from wyu@ateneo.edu * docs: flow-capture - hosts.allow requires flow-capture-client, not flow-capture - noted by stewart@net.ohio-state.edu * flow-capture: TCP client port should be same as UDP netflow port - noted by stewart@net.ohio-state.edu * ftlib: ftfil.c: moved primitive initialization code to parse_primitive_type() to avoid state loss when 'default' or 'mask' keyword used before a permit/deny. * ftlib: ftfil.c: tos, marked_tos, tcp_flags mask applied to flow not to a copy - noted by nik.hinson@assurance-dynamics.com * flow-export -f4 wire format - requested by mikeh@ncsa.uiuc.edu * docs: flow-print.sgml - document column headers. * flow-report / ftstat.c - added runtime variable binding and output path substitution support, ie run with -v ROUTER=NYCM and use output path '/report/@ROUTER/report-out' * ftlib: ftvar.c - variable binding functions. * ftlib: ftstat.c - summary-detail report will produce core if no flows are processed - noted by rjd@merit.edu * docs: not all targets included in distribution - noted by Jeje <jeje@jeje.org> * ftlib: ftio.c byte order of output not always in synch with flags - noted by mikeh@ncsa.uiuc.edu * docs: flow-filter port correction - mhunter@ack.Berkeley.EDU * ftlib: ftstat.c names option works with IP addresses -- DNS lookups. req by nik.hinson@assurance-dynamics.com * ftlib: ftstat.c: min_pps,max_pps,min_bps,max_bps calculations, reduce memory and CPU footprint if *ps calculations are not selected. req by nik.hinson@assurance-dynamics.com * ftlib: ftstat.c: linear-interpolated-flows-octets-packets,first,last, duration,ip-source-address/source-tag,ip-source-address/destination-tag, ip-destination-address/source-tag,ip-destination-address/destination-tag, ip-source/destination-address/source/destination-tag, ip-source/destination-address/ip-protocol/ip-tos reports. req by nik.hinson@assurance-dynamics.com * ftlib: ftstat.c: new fields, index,first,last req by nik.hinson@assurance-dynamics.com * ftlib: ftstat.c: integrated mask eval req by nik.hinson@assurance-dynamics.com * flow-mask: new - replace mask length based on prefix. req by nik.hinson@assurance-dynamics.com * ftlib: fttag.c: tag on tcp-src-port, tcp-dst-port, tcp-port, udp-src-port, udp-dst-port, udp-port, tos. req by nik.hinson@assurance-dynamics.com * ftlib: fttag.c: rework to use jump tables to support more match types w/o performance impact. * flow-stat: -f32 did not have symbol lookups enabled, noted by Michael Redinger <Michael.Redinger@uibk.ac.at * docs: flow-tag man page example does not work - noted by Michael.Redinger@uibk.ac.at * flow-fanout: -V does not work, noted by gritzko@dcn.ru * 10-15-2002 flow-tools-0.62 released * ftlib: ftstat.c: fcount displayed (flows counted in pps and bbs calcs) * build: localstatedir no longer hardcoded to /var/ft. man and html pages have localstatedir substitution. * ftlib: ftstat.c: multiple output per report, output to a pipe, source/destination address format, source/destination address count report. * flow-import: -m allows ascii input. #:<fields> in ascii output automatically parsed as -m option. * flow-export: fix -m, -m now allows ascii input, ie -m unix_secs,dpkts,doctets * ftlib: ftstat.c masked tag not restored if filter evaluated to DENY. * ftlib: ftstat.c bucket record count in header not correct. * ftlib: ftstat.c ip-address and ip-port to pick up flow-stat -f7 and -f11 style reports. noted by acidic@apricot.fruit.org * flow-cat / flow-receive: Pay closer attention to FT_FIELD_CAP_START and FT_FIELD_CAP_END so a bogus capture period is not displayed on output from flow-receive > file. noted by ylee@net2phone.com * flow-print: Missing leading 0's on msec formats, noted by ertoz@cs.umn.edu * ftlib: ftfil.c: use consistent naming with flow-report * flow-fanout, flow-receive, flow-capture: handle interrupted recvmsg() syscall which happens on some linux MP configurations. * ftlib: ftfil.c - pps/bps not handled correctly - patch from jon@pdx.edu * flow-print - format 24 from Christian.Bauer@NEFonline.de * flow-import - Cisco NFC format from torppa@polykoira.megabaud.fi * flow-capture - more informative err message on bind() failure - noted by stewart@net.ohio-state.edu * docs: flow-capture.sgml - no -o option - noted by stewart@net.ohio-state.edu * flow-search - remove hard coded path, noted by stewart@net.ohio-state.edu * ftlib: ftdecode.c - ftpdu_verify() can segv on invalid packets < 4 bytes noted by Eric Stewart stewart@net.ohio-state.edu * ftlib: ftfil.c - PERMIT/DENY reversed for many when default PERMIT -- noted by Gerhard.Haindl@t-systems.at * ftlib: ftstat.c - tag mask before filter - noted by wyu@ateneo.edu * 8-27-2002 flow-tools-0.61 released * ftlib: strtoull.c - missing ULLONG_MAX - noted by papaleonardos.3@osu.edu * build: --with-mysql allows path, ie --with-mysql=/usr/local * ftlib: ftstat.c - don't require FT_XFIELD_SRC_MASK / FT_XFIELD_DST_MASK - dynamically add the requirement when FT_STAT_OPT_PREFIX_* is set - noted by mw@uk.yahoo-inc.com * ftlib: ftio.c - more informative warning when trying to process non flow-tools files. * ftlib: ftfile.c - more informative warning when ignoring files. * ftlib: fttag.c - parser requires 'type' for a match and 'term' in a definition. * ftlib: ftdecode.c - allow padded Cat 6K packets. * flow-receive, flow-capture: no longer need ftio_set_xip() - noted by mw@uk.yahoo-inc.com * flow-tag, ftstat: allow retagging - noted by clay@opus.bloomcounty.org * flow-cat: cleanup error message * flow-export: len = 0, mysql typo * ftlib: ftstat.c missed a few , - noted by nik.hinson@assurance-dynamics.com * 8-15-2002 flow-tools-0.60 released * flow-capture,flow-receive,flow-fanout: add filter option. * flow-export: MySQL support based on patch from wyu@ateneo.edu * ftlib: ftfil.c pps and bps filter. * build: scripts in bin directory get installed * build/ftlib: added BSD strtoull.c for DEC portability - noted by shane.dawalt@wright.edu * flow-report: future replacement for flow-stat * ftlib: added ftstat.c - stats and report library * ftlib: FT_RECGET_* macros * docs: updated documentation. * configs: updated asn.txt and asn symbol file * ftlib: fmt.c - fmt_ipv4prefix() was not processing 0/0 correctly. * ftlib: ftfil.c - fix memory leak with ftd->name and ftfil->name * ftlib: ftfil.c - delay primitive resolution until file is parsed -- a filter-definition can precede a filter-primitive * ftlib: ftfil.c - time only primitive implemented. Req by wyu@ateneo.edu |
||
agc
|
aa892582cd |
Initial import of flow-tools-0.59 into the NetBSD Packages Collection.
Provided by Curt Sampson (cjs@netbsd.org) Flow-tools is a set of utilties for collecting and storing NetFlow data, and doing some limited analysis of it. NetFlow is a Cisco-developed protocol for transferring network traffic flow information (usually from a router or switch) to another system that collects and stores this information. More information on NetFlow is available at http://www.cisco.com/warp/public/cc/pd/iosw/ioft/neflct/tech/napps_wp.htm |