libtrace 3.0.4 (2008-01-02)
Deprecate wtf:/wag: format. These traces no longer exist.
Cleanup bpf: capture format
add LINUX_SLL header support to get_source_mac()
deprecate trace_get_link() and replace it with the newer
trace_get_packet_buffer()/trace_get_layer2()
Bug: Don't crash when destroying an output trace that failed to
initialise
Use Linux's in kernel BPF filter if available
Add support for Cisco HDLC over PoS
Allow BPF bytecode to be used to construct a filter
Code cleanups
Fix libtrace_ip's bitfields
Fix pcapfile output bug
Documentation cleanups
Discard RT packets when writing pcapfile: files
Add a new "stats" example program
Build system cleanups
Avoid using assert() to report errors
RT packet issues
Properly deal with the packet parsing/length cache when using the
event system
Add a new loss counter framework
Bug: Event framework not generating sleep events when reading traces
from disk
Be more strict about returning NULL from trace_get_payload_from_X()
functions
libtrace 3.0.3 (2007-09-05)
Code cleanups w.r.t warnings
tracesplit_dir now provides a warning of the number of packets that had
an unknown direction at the end of the trace
Fix a segfault in tracereport with rxerrors, non ip
Add support for decoding 802.2 LLC/SNAP and Ethernet II in 802.11 frames
Documentation fixes and clarifications
Fix bug with trace_get_payload_from_80211() and 3 vs 4 frame formats
Deal correctly with uri's with parse errors causing segfaults on cleanup
Minor tidyups to protocol decoders
Add more information to libtracepktdump
Correctly deal with PPP captures
Cache trace_get_capture_length() and trace_get_l3() which are both
heavily used internally
Build system cleanups
Add a GRE tracepktdump decoder
Add a preliminary PPPoE tracepktdump decoder
Add more information to tracereport
Fix bug in legacy decoder with wire lengths
Fix bug in trace_ether_ntoa
Add legacynzix: trace format
Don't assert() on bad packets (instead return BADPACKET) for erf traces
Add TRACE_OPTION_EVENT_REALTIME to allow the event framework to playback
traces in realtime
Rename TRACE_META_FREQ to TRACE_OPTION_META_FREQ to follow naming
convention
Correctly deal with errors when using trace_set_option
Deal better with signals when writing packets to files
Add support for dag 3.x
Improved dag 2.5+ support
dag2.5+ supports setting the snaplen from libtrace
Add support for setting direction on linux int: formats
Consider loopback packets outgoing, not incoming
Fix trace_get_source_mac() for wireless frames
Add support for interfaces_per_input to tracemerge
Fix tracereport direction report
Deprecated wag: and wtf formats
libtrace 3.0.2 (2007-04-27)
Fixed make install for libpacketdump
Add support for tsh: and rf+ tracefiles.
Update support for radiotap
Add a new tool traceflow(1)
More correctly deal with pcap LINKTYPE's vs DLT's
Major cleanups of tracereport
libpacketdump Decoder cleanups
trace_event() memory leak fixes
Fix segfaults with bad arguments in tracesplit(1)
Don't suffix a number if we are only generating one file
Support snapping packets
Minor bugs in libtrace error handling
Misc cleanups and bug fixes
libtrace 3.0.1 (2007-03-26)
Added missing manpages to release tarball
Update manpages
Fixed TCP option length calculation in libpacketdump
tracereport has had a massive tidy up
getopt support for disabling/enabling reports.
Documentation cleanups
Fix 0 byte gzwrite(3)'s were causing the compressed file checksum to fail
RT closing issues
Metadata available
tracedump renamed tracepktdump due to naming conflict in debian
Implement better PoS decoding in libtrace for erf, legacypos.
Build fixes for MacOS
libtrace is a library for trace processing. It supports multiple input methods,
including device capture, raw and gz-compressed trace, and sockets; and
multiple input formats, including pcap and DAG.
Features
* Understands PCAP, ERF, DAG, legacy POS, ATM and Ethernet and preliminary
WAG formats
* Read from tracefile, gz-compressed tracefile
* Native DAG read support
* BPF filter support on all input formats
* Format conversion into ERF and PCAP formats
* Write to tracefile for all formats
* Write to interface via PCAP or Natively under Linux
* libpacketdump, a packet dumping library useful for diagnosis
* Various tools for trace manipulation