4b23aab34c
* Replaced IO subsystem with wandio abstraction * IO / compression / decompression is now performed in a separate thread, resulting in improved performance * Modular design makes it easy to add support for new compression formats * Added native support for reading and writing bzip files * Added native support for writing lzo files * JITing of BPF bytecode using LLVM, leading to faster BPF filtering * Added enums for post-IP protocols and Ethertypes * Write support added for DAG cards - thanks to Daniel Lawson * Added new trace tool: tracetop. Shows the top N flows each second * Added new trace tool: tracereplay. Attempts to replay trace files in trace time * Added new trace tool: tracediff. Displays packets that differ between two trace files * Added trace_get_timespec() function * If the format is not specified as part of the URI, libtrace can now attempt to guess the trace format * Libpacketdump can now decode CHDLC and PPP/HDLC headers * Added all the code examples from the libtrace tutorial to the examples directory Bug Fixes: * Fixed bug where packets read from a DAG card that did not match the filter were causing lengthy sleep events under the event API * Fixed various tools that were not reporting the occurrence of a read error * Fixed segfault caused by malformed URIs * Fixed bug where reading a zero-length payload from a PCAP trace would result in an EOF being incorrectly reported * Fixed bug where filtered packet count was not initialised to zero * trace_get_payload_from_ip() now returns NULL when the IP version is incorrect rather than asserting * Fixed segfault when writing packets to a Linux native socket, caused by byte ordering issue * Fixed bug where custom pcap event function was not being used * Fixed misplaced assertion in the pcap file reading code * Fixed bug where trace_event would never get a packet event under recent versions of libpcap * Fixed assertion failure when an unknown linktype is encountered by libpacketdump * Fixed error caused by LCP packets that are common in some trace sets, e.g. Leipzig * Increased size of RT packet buffer to fix problems caused by jumbograms * Fixed errors caused by 32- and 64-bit incompatibility when sending Linux Native packets using the RT protocol * trace_get_*_port() functions now always return 0 for ICMP packets * Fixed problems with decoding HDLC and CHDLC headers * Fixed segfault when reading PCAP packets that had no packet content * Fixed bug where PCAP packets would be written with a larger capture length than the wire length * Fixed segfault in the TCP segment report in tracereport caused by segments larger than 1500 bytes * Fixed bug with restarting a PCAP trace file * Fixed bugs relating to the size of the TSH packet records * Fixed bug where we were not accounting for the FCS in legacy Ethernet captures * Fixed bug where libpacketdump could not decode Linux SLL properly due to using an "undefined" function * Fixed bug where libpacketdump was not skipping IP options before attempting to decode the next header * Fixed bug where padding was being treated as part of a truncated header * Fixed assertion when converting a packet with a corrupt wire length to PCAP * More fixes for missing #includes Improvements: * trace_get_source_address() and trace_get_destination_address() now return link layer addresses in the absence of an IP header wherever possible * trace_get_<protocol> short-cut functions now return NULL if the entire header (minus options) is not present in the packet * Added missing set_capture_length() functionality for Linux Native * traceanon can now write compressed traces * traceanon now replaces checksums with zeroes * traceanon, tracesplit and tracemerge now support all libtrace compression types for output * tracereport no longer does the flow report by default * Added support for new ERF types * Added linktype for Experimental Ethernet * Added --count option to tracereport * Added --merge-inputs option to tracertstats * Added support for ARPHRD_NONE * Added a libpacketdump decoder for ubiquity headers * Improved libpacketdump's method of searching for decoders * More efficient arrangement of internal structures * Tidied up exported symbols * General code maintenance * Tidied up manpages * Improved documentation |
||
|---|---|---|
| .. | ||
| DESCR | ||
| distinfo | ||
| Makefile | ||
| PLIST | ||