PR 15799
NeTraMet Version History
========================
v4.4 20 Feb 02
In examples/ directory, moved old rules.* examples
to non_srl. The srl examples are now in the
examples/ directory.
SNMP security issues. I've tested NeTraMet's
SNMP code using the PROTOS test suite. A test
for negative lengths in the ASN.1 parsing code
has been added - that was the only change needed.
The SNMP routines (in snmplib/) perform a lot of
parameter checks, and calls on an ERROR() define.
By default ERROR does nothing. If you're tesing
an SNMP manager against NeTraMet, you can turn
those messages on by adding -DDEBUG to the CFLAGS=
line in snmplib/Makefile and rebuilding the
snmp library.
Change 'interface number' attributes to use
16-bit integers instead of 8-bit. This can
be useful when using NetFlowMet.
v4.4b11 25 Nov 01 Implement -C option for nm_rc, exactly as in
NeMaC. This allows you to use nm_rc to test
rulesets against trace files being read by
crl_ntm or dd_ntm. Sample commands to do this
are:
./crl_ntm -T5 -m1234 -Strace_file -wW~com
./nm_rc -C -m1234 -rpeers.rules localhost W~com
Note: you need CoralReef version 3.5 to build
crl_ntm!
Speed improvements in flowhash:
- move code which doesn't need to be executed
on every call outside blocks in match()
- implement list of running rulesets, instead
of doing serial searches of ri[] table
- use 32-bit hash values for flow and stream
hash tables, use table size specified by
user (rather than trying to pick a prime
above it - that doesn't help, since we
use a set of distinct primes for hashing)
Use long long integers (8 bytes) for counter64
if the host supports them. Newer Pentiums do,
this provides a useful speedup.
Change 'shutdown' request character. It was
a single ESC, but it's too easy to hit a key
which sends an escape sequence! Now you have
to type ESC ESC Return to shut down the meter.
Fix little problems which gave warning messages
when building NeTraMet on an alpha running
Digital Unix. The configure script wasn't
recognising the OS correctly; this didn't
cause problems because none of the programs
have defines testing this any more.
MinPDUs gave compilation errors on alpha,
fixed by adding c64geint() define.
Linux kernel reset promiscuous mode when
forking a NeTraMet daemon. Changed meter_ux.c
to fork first, then open the interfaces.
NeTraMet, NetFlowMet, LfapMet, crl_ntm, dd_ntm
(i.e. all the meters) write error messages and
summary information to a log file using log_msg(),
in the same way as NeMaC. The name of the log
file is meter.log, it will be written in the
directory where the meter starts running.
v4.4b10 23 May 01 LfapMet: RTFM meter for LFAP, code contributed
by Remco Poortinga, <r.poortinga@home.nl>
Added files in src/meter
- README_LfapMet Notes about LfapMet
- lfapmet.h LfapMet globals
- lfapmet.c LfapMet support routines
Added two new MIB variables to reader row,
MinPDUs (default 0) and TimeMark. A flow must
have at least MinPDUs either to or from before
it will be read by a meter reader. TimeMark
is needed to associate an SNMP getnext request
with a particular reader.
MinPDUs can be set using the -M option.
nifty default is -M20, NeMaC default is -M0
Improved save.sav so that it only saves the
files we really need in the NeTraMet distribution.
v4.4b9 11 Apr 01 Fixed bug in NeMaC include statement.
getarg() no longer allows semicolon in an
argument.
Fixed srl compiler bug; optimise 3 wasn't
recognising the end of AND expressions
properly.
NeMaC could fail to open a flow data file
(e.g. because it already existed with
no write access); it now reports this
and doesn't try to run that meter/ruleset.
NeTraMet Coral interface improved to handle
two Dag cards properly. Reads blocks of
cells from each then merges them by timestamp.
NeTraMet uses -Siii to specify a Coral source
(instead of -C'source iii' *****).