pmacct/pmacct.changes

-------------------------------------------------------------------
Thu Jan 14 18:59:13 UTC 2016 - mardnh@gmx.de

- update to version 1.5.3
  + Introduced the Kafka plugin: Apache Kafka is publish-subscribe messaging
    rethought as a distributed commit log. Its qualities being: fast, scalable,
    durable and distributed by design. pmacct Kafka plugin is designed to
    send aggregated network traffic data, in JSON format, through a Kafka
    broker to 3rd party applications.
  + Introduced Kafka support to BGP and BMP daemons, in both their msglog
    and dump flavors (ie. see [bgp|bmp]_daemon_msglog_kafka_broker_host and
    [bgp_table|bmp]_dump_kafka_broker_host and companion config directives).
  + Introduced support for a Kafka broker to be used for queueing and data
    exchange between Core Process and plugins. plugin_pipe_kafka directive,
    along with all other plugin_pipe_kafka_* directives, can be set globally
    or apply on a per plugin basis - similarly to what was done for RabbitMQ
    (ie. plugin_pipe_amqp). Support is currently restricted only to print
    plugin.
  + Added a new timestamp_arrival primitive to expose NetFlow/IPFIX records
    observation time (ie. arrival at the collector), in addition to flows
    start and end times (timestamp_start and timestamp_end respectively).
  + plugin_pipe_amqp: feature extended to the plugins missing it: nfprobe,
    sfprobe and tee.
  + Introduced bgp_table_dump_latest_file: defines the full pathname to
    pointer(s) to latest file(s). Update of the latest pointer is done
    evaluating files modification time. Many thanks to Juan Camilo Cardona
    ( @jccardonar ) for proposing the feature.
  + Introduced pmacctd_nonroot config directive to allow to run pmacctd
    from a user with non root privileges. This can be desirable on systems
    supporting a tool like setcap, ie. 'setcap "cap_net_raw,cap_net_admin=ep"
    /path/to/pmacctd', to assign specific system capabilities to unprivileged
    users. Patch is courtesy by Laurent Oudot ( @loudot-tehtris ).
  + Introduced plugin_pipe_check_core_pid: when enabled (default), validates
    the sender of data at the plugin side. Useful when plugin_pipe_amqp or
    plugin_pipe_kafka are enabled and hence a broker sits between the daemon
    Core Process and the Plugins.
  + A new debug_internal_msg config directive to specifically enable debug
    of internal messaging between Core process and plugins.
  ! bgp_table_dump_refresh_time, bmp_dump_refresh_time: max allowed value
    raised to 86400 from 3600.
  ! [n|s]facctd_as_new renamed [n|s]facctd_as; improved input checks to all
    *_as (ie. nfacctd_as) and *_net (ie. nfacctd_net) config directives.
  ! pkt_handlers.c: NF_sampling_rate_handler(), SF_sampling_rate_handler()
    now perform a renormalization check at last (instead of at first) so to
    report the case of unknown (0) sampling rate.
  ! plugin_pipe_amqp_routing_key: default value changed to '$core_proc_name-
    $plugin_name-$plugin_type'. Also, increased flexibility for customizing
    the key with the use of variables (values computed at startup).
  ! Improved amqp_receiver.py example with CL arguments and better exception
    handling. Also removed file amqp_receiver_trace.py, example is now merged
    in amqp_receiver.py.
  ! fix, BMP daemon: greatly improved message parsing and segment reassembly;
    RabbitMQ broker support found broken; several code optimizations are also
    included.
  ! fix, plugin_pipe_amqp_routing_key: check introduced to prevent multiple
    plugins to bind to the same RabbitMQ exchange, routing key combination.
    Thanks to Jerred Horsman for reporting the issue.
  ! fix, MongoDB plugin: added a custom oid fuzz generator to prevent
    concurrent inserts to fail; switched from deprecated mongo_connect() to
    mongo_client(); added MONGO_CONTINUE_ON_ERROR flag to mongo_insert_batch
    along with more verbose error reporting. Patches are all courtesy by
    Russell Heilling ( @xchewtoyx ).
  ! fix, nl.c: increments made too early after introduction of MAX_GTP_TRIALS
    Affected: pmacctd processing of GTP in releases 1.5.x. Patch is courtesy
    by TANAKA Masayuki ( @tanakamasayuki ).
  ! fix, pkt_handlers.c: improved case for no SAMPLER_ID, ALU & IPFIX in
    NF_sampling_rate_handler() on par with NF_counters_renormalize_handler().
  ! fix, SQL scripts: always use "DROP TABLE IF EXISTS" for both PostgreSQL
    and SQLite. Pathes are courtesy by Vincent Bernat ( @vincentbernat ).
  ! fix, plugin_hooks.c: if p_amqp_publish_binary() calls were done while a
    sleeper thread was launched, a memory corruption was observed.
  ! fix, util.c: mkdir() calls in mkdir_multilevel() now default to mode 777
    instead of 700; this allows more play with files_umask (by default 077).
    Thanks to Ruben Laban for reporting the issue.
  ! fix, BMP daemon: solved a build issue under MacOS X. Path is courtesy by
    Junpei YOSHINO ( @junpei-yoshino ).
  ! fix, util.c: self-defined Malloc() can allocate more than 4GB of memory;
    function is also now renamed pm_malloc().
  ! fix, PostgreSQL plugin: upon purge, call sql_query() only if status of
    the entry is SQL_CACHE_COMMITTED. Thanks to Harry Foster ( @harryfoster )
    for his support resolving the issue.
  ! fix, building system: link pfring before pcap to prevend failures when
    linking. Patch is courtesy by @matthewsf . 
  ! fix, plugin_common.c: memory leak discovered when pending queries queue
    was involved (ie. cases where print_refresh_time > print_history). Thanks
    to Edward Henigin for reporting the issue.

-------------------------------------------------------------------
Tue Sep  8 15:11:04 UTC 2015 - mardnh@gmx.de

- update to version 1.5.2
- add patch: pmacct-fix-implicit-pointer-decl.diff

-------------------------------------------------------------------
Sun Jul 26 07:57:48 UTC 2015 - mardnh@gmx.de

- do not build with ULOG on newer versions > 13.2 since it got removed
  from mainstream linux kernel >= 3.17
  http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7200135bc1e61f1437dc326ae2ef2f310c50b4eb

-------------------------------------------------------------------
Sat Feb 21 20:28:55 UTC 2015 - mardnh@gmx.de

- update to version 1.5.1
 + BMP daemon: BMP, BGP Monitoring Protocol, can be used to monitor BGP
   sessions. The current implementation is base on the draft-ietf-grow-bmp-07
   IETF draft. The daemon currently supports BMP events and stats only, ie.
   initiation, termination, peer up, peer down and stats reports messages.
   Route Monitoring is future (upcoming) work but routes can be currently
   sourced via the BGP daemon thread (best path only or ADD-PATH), making
   the two daemons complementary. The daemon enables to write BMP messages
   to files or AMQP queues, real-time (msglog) or at regular time intervals
   (dump) and is a separate thread in the NetFlow (nfacctd) or sFlow (sfacctd)
   collectors.
 + tmp_net_own_field directive is introduced to record both individual source
   and destination IP addresses and their IP prefix (nets) as part of the same
   aggregation method. While this should become default behaviour, a knob for
   backward-compatibility is made available for all 1.5 until the next major
   release.
 + Introduced nfacctd_stitching and equivalents (ie. sfacctd_stitching):
   when set to true, given an aggregation method, two new non-key fields are
   added to the aggregate upon purging data to the backend: timestamp_min is
   the timestamp of the first element contributing to a certain aggregate
   and timestamp_max is the timestamp of the last element. In case the export
   protocol provides time references, ie. NetFlow/IPFIX, these are used; if not
   the current time (hence time of arrival to the collector) is used instead.
 + Introduced amqp_routing_key_rr feature to perform round-robin load-
   balancing over a set of routing keys. This is in addition to existing,
   and more involved, functionality of tag-based load-balancing.
 + Introduced amqp_multi_values feature: this is same feature in concept as
   sql_multi_values (see docs). The value is the amount of elements to pack
   in each JSON array.
 + Introduced amqp_vhost and companion (ie. bgp_daemon_msglog_amqp_vhost)
   configuration directives to define the AMQP/RabbitMQ server virtual host.
 + BGP daemon: bgp_daemon_id now allows to define the BGP Router-ID disjoint
   from the bgp_daemon_ip definition. Thanks to Bela Toros for his patch.
 + tee plugin: introduced tee_ipprec feature to color replicated packets,
   both in transparent and non-transparent modes. Useful, especially when
   in transparent mode and replicating to hosts in different subnets, to
   verify which packets are coming from the replicator.
 + tee plugin: plugin-kernel send buffer size is now configurable via a new
   config directive tee_pipe_size. Improved logging of send() failures.
 + nfacctd: introduced support for IPFIX sampling/renormalization using
   element IDs: #302 (selectorId), #305 (samplingPacketInterval) and #306
   (samplingPacketSpace). Many thanks to Rene Stoutjesdijk for his support.
 + nfacctd: added also support for VLAN ID for NetFlow v9/IPFIX via element
   type #243 (it was already supported via elements #58 and #59). Support was
   also added for 802.1p/CoS via element #244.
 + nfacctd: added native support for NetFlow v9/IPFIX IE #252 and #253 as
   part of existing primitives in_iface and out_iface (additional check).
 + pre_tag_map: introduced 'cvlan primitive. In NetFlow v9 and IPFIX this is
   compared against IE #245. The primitive also supports map indexing.
 + Introduced pre_tag_label_filter to filter on the 'label' primitive in a
   similar way how the existing pre_tag_filter feature works against the
   'tag' primitive. Null label values (ie. unlabelled data) can be matched
   using the 'null' keyword. Negations are allowed by pre-pending a minus
   sign to the label value.
 + IMT plugin: introduced '-i' command-line option to pmacct client tool: it
   shows last time (in seconds) statistis were cleared via 'pmacct -e'.
 + print, MongoDB & AMQP plugins: sql_startup_delay feature ported to these
   plugins.
 ! sql_num_hosts: the feature has been improved to support IPv6 addresses.
   Pre-requisite is definition of INET6_ATON() function in the RDBMS, which
   is the case for MySQL >= 5.6.3. In SQLite such function has to be defined
   manually.
 ! nfacctd: improved NF_evaluate_flow_type() euristics to reckon NetFlow/
   IPFIX event (NAT, Firewall, etc.) vs traffic (flows) records.
 ! fix, GeoIP: spit log notification (warning) in case GeoIP_open() returns
   null pointer.
 ! fix, IMT plugin: pmacct client -M and -N queries were failing to report
   results on exact matches. Affected: 1.5.0. Thanks to Xavier Vitard for
   reporting the issue.
 ! fix, pkt_handlers.c: missing else in NF_src_host_handler() was causing
   IPv6 prefix being copied instead of IPv6 address against NetFlow v9 recs
   containing both info.
 ! fix, uacctd: informational log message now shows the correct group the
   daemon is bound to. Thanks to Marco Marzetti for reporting the issue.
 ! fix, nfv9_template.c: missing byte conversion while decoding templates
   was causing SEGV under certain conditions. Thanks to Sergio Bellini for
   reporting the issue.

-------------------------------------------------------------------
Thu Nov  6 21:50:04 UTC 2014 - mardnh@gmx.de

- temporary workaround for misc compile issues
  * removed post-build-checks

-------------------------------------------------------------------
Wed Sep 17 13:50:20 UTC 2014 - mardnh@gmx.de

- update to version 1.5.0
- specfile cleanup

-------------------------------------------------------------------
Fri Jul 30 06:09:43 UTC 2010 - pascal.bleser@opensuse.org

- update to 0.12.3:
  * a 'cos' aggregation primitive has been implemented, providing support for 802.1p priority
  * TCP MD5 signatures are supported as part of the BGP daemon
  * in nfprobe and sfprobe, the concept of traffic direction has been introduced, and as a result [ns]fprobe_direction and [ns]fprobe_ifindex config directives have been implemented
  * Switch Extension Header support and Counter Samples for multiple interface features have been added in sfprobe
  * a number of bugfixes are included

-------------------------------------------------------------------
Thu May 27 11:48:10 UTC 2010 - nix@opensuse.org

- update to 0.12.2

-------------------------------------------------------------------
Wed Feb 17 00:00:00 UTC 2010 - pascal.bleser@opensuse.org

- update to 0.12.0:
  * the "is_symmetric" aggregation primitive has been implemented
    and is aimed at easing detection of asymmetric traffic
  * tagging is now possible on BGP primitives
  * various fixes are also included

-------------------------------------------------------------------
Mon Jul 21 00:00:00 UTC 2008 - peter+rpmspam@suntel.com.tr

- Update to version 0.11.5


-------------------------------------------------------------------
Fri Nov 17 00:00:00 UTC 2006 - peter+rpmspam@suntel.com.tr

- Changed the permissions of the conf files to writable


-------------------------------------------------------------------
Tue May 16 00:00:00 UTC 2006 - peter+rpmspam@suntel.com.tr

- Cleaned up SPEC file a some more and updated to 0.10.1


-------------------------------------------------------------------
Wed May 10 00:00:00 UTC 2006 - peter+rpmspam@suntel.com.tr

- Fixup spec file to work properly on SUSE Build system


-------------------------------------------------------------------
Tue Dec 27 00:00:00 UTC 2005 - silfreed@silfreed.net

- upgraded to 0.9.6
- split database backends into separate binaries
- added 64bit counter support by default


-------------------------------------------------------------------
Thu Dec  8 00:00:00 UTC 2005 - silfreed@silfreed.net

- upgraded to 0.9.5
- removed shortver


-------------------------------------------------------------------
Sun Nov 13 00:00:00 UTC 2005 - silfreed@silfreed.net

- upgraded to 0.9.4


-------------------------------------------------------------------
Wed Oct 12 00:00:00 UTC 2005 - silfreed@silfreed.net

- upgraded to 0.9.3


-------------------------------------------------------------------
Tue Aug 23 00:00:00 UTC 2005 - silfreed@silfreed.net

- upgraded to 0.9.1


-------------------------------------------------------------------
Tue May 24 00:00:00 UTC 2005 - silfreed@silfreed.net

- changed 'libmysqlclient' Require to 'mysql'


-------------------------------------------------------------------
Mon May 23 00:00:00 UTC 2005 - silfreed@silfreed.net

- removed epoch (old versions won't upgrade correctly)
- upgraded to 0.8.6


-------------------------------------------------------------------
Sat Apr 10 00:00:00 UTC 2004 - dwarner@ctinetworks.com

- Initial RPM release.