- Update to version 1.7.6
* Improve speed through some code optimisation.
* Improve support for Palo Alto PA-5420.
* Add filter for min ttl and max ttl ttl equal filter for
min ttl == max ttl.
* Implements Tunnel extension & IPv6 encapsulation in sfcapd.
* Allow user selected output format with custom aggregation.
* Add ident as %idt token in output formats.
* Teach nfpcapd to read gzip compressed pcap files transparently.
* Improve exporter algorithm.
* Add Subdir -S to dynamic FlowSource -M.
* Extend timeWindow to msec format everywhere.
* Lot's of bug fixes and tiny changes.
OBS-URL: https://build.opensuse.org/request/show/1270894
OBS-URL: https://build.opensuse.org/package/show/server:monitoring/nfdump?expand=0&rev=29
- Update to version 1.7.1
* Fix#394. Event labeling
* Implement #393 consistent logging
* Add feature #391. Add country code aggregation
* Fix#392. Fix format options with IPv6
* Implement #390. Aggregation for GeoDB's enriched AS data
* Add OpenBSD pflog decoding in nfpcapd and nfdump
* Fix#389 receiving IPv4 on IPv6 socket in sfcapd
* Fix#385 bug when compiled on i386 arch - 32bit alignment
* Fix#384 bug when compile with --enable-nsel
* Implement #366 Linux NFLOG link layer protocol in nfpcapd
* Fix#381 pcap overwrite in nfpcapd fixed
* Implement #377. Rework sampling code in general. Switch to
packet interval/space notation. Map older sampling to new
notation.
* Fix#375 relative timestamps with sysUptime id 160
* Rework nbar code. Use new array records and fix nbar bug in
older versions.
* Fix#370. Help shows correct option -A
* Fix#369. Legacy -M for NfSen works again
* Improve nbar handling. Add private enterprise number decoding
OBS-URL: https://build.opensuse.org/request/show/1060181
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nfdump?expand=0&rev=9
- Update to version 1.7.0
* Fix#394. Event labeling
* Implement #393 consistent logging
* Add feature #391. Add country code aggregation
* Fix#392. Fix format options with IPv6
* Implement #390. Aggregation for GeoDB's enriched AS data
* Add OpenBSD pflog decoding in nfpcapd and nfdump
* Fix#389 receiving IPv4 on IPv6 socket in sfcapd
* Fix#385 bug when compiled on i386 arch - 32bit alignment
* Fix#384 bug when compile with --enable-nsel
* Implement #366 Linux NFLOG link layer protocol in nfpcapd
* Fix#381 pcap overwrite in nfpcapd fixed
* Implement #377. Rework sampling code in general. Switch to
packet interval/space notation. Map older sampling to new
notation.
* Fix#375 relative timestamps with sysUptime id 160
* Rework nbar code. Use new array records and fix nbar bug in
older versions.
* Fix#370. Help shows correct option -A
* Fix#369. Legacy -M for NfSen works again
* Improve nbar handling. Add private enterprise number decoding
OBS-URL: https://build.opensuse.org/request/show/1057744
OBS-URL: https://build.opensuse.org/package/show/server:monitoring/nfdump?expand=0&rev=18
- Update to version 1.7.0.1
* Fix build issues in nfdump-1.7.0
- Drop patches:
* 0001-Add-missing-variable-initialization.patch
* 0002-Handle-fscanf-return-value-in-pidfile.c.patch
* 0003-Fix-snprintf-length-argument.patch
* fix-build.patch
- Update to version 1.7.0
* nfdump is now a multi-threaded program and uses parallel
threads mainly for reading, writing and processing flows as
well as for sorting. This may result in a 2 to 3 times faster
flow processing, depending on the tasks. The speed improvement
also heavily depends on the hardware (SSD/HD) and flow
compression option.
* For netflow v9 and IPFIX, nfdump now supports flexible length
fields. This improves compatibility with some exporters such
as yaf and others. The netflow v9 decoder is more flexible in
decoding.
* Support for Cisco Network Based Application Recognition (NBAR).
* Supports Maxmind geo location information to tag/geolocate IP
addresses and AS numbers.
* nfpcapd automatically uses TPACKET_V3 for Linux. This improves
packet processing. It adds new options to collect MAC and VLAN
information as well as the first packet of the payload.
* Metric exports: By default, every 60s a flow summary statistics
can be sent to a UNIX socket. The corresponding program may be
nfinflux to insert these metrics into an influxDB or nfexporter
for Prometheus monitoring.
- Add patches:
OBS-URL: https://build.opensuse.org/request/show/1008291
OBS-URL: https://build.opensuse.org/package/show/server:monitoring/nfdump?expand=0&rev=16
- Update to version 1.6.23
* Fix potential FreeNode without valid Node in nfpcapd.
* Add all non TCP/UDP IP protocols as streams in nfpcapd
* Add mpls unwrap in nfpcapd. Skip MPLS labels
* Add ESP to processed protocols in nfpcapd.
* Some Code cleanup
* Change spin lock to native C11 lock
* Cleanup code for issue #283
* Fix minor nfpcapd issues
* Add mpls unwrap in sflow code - adds mpls labels if available
* Update rbtree.
* Fix potential deadlock in nfpcapd if it terminates.
* Add packet capture buffer size to nfpcapd
* Fix sflow code extended field parsing. #262 and #273
* Fix endless loop of nfexpire, if it does not find files
* Fix processing deoding error for yaf exporter
* Zero out tcp flags for non TCP records
* Add reverse element enterprise ID 29305 for counter values
* Add biFlow direction element 239
* Add flow end reason element 136
* Make -Tall the default for nfcapd to collect extensions
* Code cleanup and boundary checks in option template processing
* Implement element 160 (SystemInitTime) in option template
* Add Element 160 (SystemInitTime) in flow record used by Huawei
* Fix path handling for -l
* Fix print plain numbers #263
OBS-URL: https://build.opensuse.org/request/show/891124
OBS-URL: https://build.opensuse.org/package/show/server:monitoring/nfdump?expand=0&rev=10
- Update to version 1.6.21
* Implement rfc 7011 and include sender UDP port into unique
template identification.
* Add token 'dir' equivalent to 'flowdir' in filter syntax.
* Add optional print direction ascending or descending to output
of statistics -s and ordered printing -O.
* Avoid use_syslog name clash on certain OS.
* Honor -n flag when printing sorted flow cache.
* Fix uninitialized variable printPlain.
* Fix bug #223 limit matchig flows -c
* Restore old behaviour unlimiting output flows unless in -s stat
* Fix ft2nfdump nexthop fields
* Fix ft2nfdump extension map size
* internal: put output parameters in a single struct
* Fix GuessDir bug - issue #215
OBS-URL: https://build.opensuse.org/request/show/824142
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nfdump?expand=0&rev=3
- Update to version 1.6.21
* Implement rfc 7011 and include sender UDP port into unique
template identification.
* Add token 'dir' equivalent to 'flowdir' in filter syntax.
* Add optional print direction ascending or descending to output
of statistics -s and oredered printing -O.
* Avoid use_syslog name clash on certain OS.
* Honor -n flag when printing sorted flow cache.
* Fix uninitialized variable printPlain.
* Fix bug #223 limit matchig flows -c
* Restore old behaviour unlimiting output flows unless in -s stat
* Fix ft2nfdump nexthop fields
* Fix ft2nfdump extension map size
* internal: put output parameters in a single struct
* Fix GuessDir bug - issue #215
OBS-URL: https://build.opensuse.org/request/show/823974
OBS-URL: https://build.opensuse.org/package/show/server:monitoring/nfdump?expand=0&rev=5
