Releases: DNS-OARC/dnscap
Release 2.4.1
This patch release fixes a bug introduced in v2.4.0 where writing gziped PCAPs broke, and readds sending timestamp to plugins close function which was incorrectly removed in v2.2.1.
Changes:
- Remove obsolete code with zlib being required
- Add gz write test
- Fix #334:
- Readd timestamp when calling plugin close
- Update plugin close interface to pass timestamp that was missed in 2f65abd
Due to submodules in the repository please download this tarball:
https://www.dns-oarc.net/files/dnscap/dnscap-2.4.1.tar.gz
sha256: 524e1883bd9115a669d80fb2a0a0e596ce681fd5fbec39fa5240b86b085837e4
Packages are available at: https://dev.dns-oarc.net/packages/
Release 2.4.0
This release brings support for reading compressed PCAPs, a few new plugin extensions and updates to autotools.
Changes:
- Add
CHANGESto docs - Update autotools requirement to 2.69 and fix deprecation warnings
- Support reading gz/xz/lz4/zst compressed PCAPs based on file extension
- New plugin extensions:
DNSCAP_EXT_GET_PCAP_THREAD_FTELL: function for getting the current uncompressed position in the PCAP file being read upon being calledDNSCAP_EXT_GET_PKTHDR_CAPLEN: function that returns the actual packet length as reported by libpcap
Due to submodules in the repository please download this tarball:
https://www.dns-oarc.net/files/dnscap/dnscap-2.4.0.tar.gz
sha256: 1e568a2e417a3df68efd20c2534c7ec352cf8329ac861cbe301982f62893ef01
Packages are available at: https://dev.dns-oarc.net/packages/
f7e4cad SLE/openSUSE lz4
b30d82f Autotools, compressed PCAPs, plugin extensions
ac7f37b CHANGES
Release 2.3.1
This patch release fixes issues on 32bit systems when they are using 64bit time structures (_TIME_BITS set to 64) and updates pcap-thread to require libpcap with DLT_LINUX_SLL2 support.
Due to submodules in the repository please download this tarball:
https://www.dns-oarc.net/files/dnscap/dnscap-2.3.1.tar.gz
sha256: 012226ddc666d78bf225ef1feeb7b106be94facce33c1c5e48c229735fecf0a1
Packages are available at: https://dev.dns-oarc.net/packages/
a5e9a4a pcap-thread v4.1.1
731d9e0 Add support for 64bit time structures on 32bit systems
Release 2.3.0
This release adds support for Linux cooked v2 link-type, a new output format, a new plugin and fixes a couple of issues.
The new output format tcpdns can be used to generate a file with the DNS as a TCP stream, first 16bit size (network order) then the DNS message, which is compatible with dnsperf -B.
The new plugin asudp can be used to rewrite outgoing packet by taking the DNS that's found and construct UDP packets from it.
Due to submodules in the repository please download this tarball:
https://www.dns-oarc.net/files/dnscap/dnscap-2.3.0.tar.gz
sha256: 858c8e8339ccd654d2ef8c204d24303a02aa74420d59bb49ee767430a25c402c
Packages are available at: https://dev.dns-oarc.net/packages/
Other changes:
- Fix #314:
- man-page: Clarify that
pktsizeis shown before parsing the IP packet -g: Quote,characters
- man-page: Clarify that
- Fix #316: Fix handling of L2/ethernet frames that are larger than the IPv4/v6 packet
- Fix multiple print statements w.r.t.
size_t/struct timeval,%zu/%ldand type casting - Handle extension function pointers better
- Clarify that
-Ccounts uncompressed output - Block PCAP output if TCP reassemble is used
- Increase maximum DNS messages in a reassembled TCP message
- Add new extension interface for setting output packet
- Update pcap-thread to v4.1.0
e689bc8 pcap-thread v4.1.0
29d184b DLT_LINUX_SLL2
ba793a9 Fixes, asudp plugin, tcpdns output format
6c133d4 Ethernet padding
420548a Diag output
8b92a52 SPEC
a3fb1dd Mailing-list
Release 2.2.1
This patch release fixes the BPF to correct capture ICMPv6, a typo in the filter had it matching "ip" and not "ip6".
Other changes are updates to GitHub workflows and man-pages.
Due to submodules in the repository please download this tarball:
https://www.dns-oarc.net/files/dnscap/dnscap-2.2.1.tar.gz
sha256: 44e4f48693c22c3314d24c0706b3ccabdf0337ebbbf1d7510c45605b3ec734ef
Packages are available at: https://dev.dns-oarc.net/packages/
ea82cd1 Copyright
aa14a9f ICMP BPF filter
6ef17e2 Badges
6722677 Workflow
1cb22f0 Man-page opt, Dumper
Release 2.2.0
This release adds anonymization of EDNS Client Subnet to all anonymizer plugins and improves TCP state handling by adding a hash table for lookup rather than walking a list.
Due to submodules in the repository please download this tarball:
https://www.dns-oarc.net/files/dnscap/dnscap-2.2.0.tar.gz
sha256: 2988a62c9df45aab9cd8d8e61e94f8b284d2b71c40170ea9413980687cf54a73
Packages are available at: https://dev.dns-oarc.net/packages/
Plugins that anonymize can now take two new options:
-e: also anonymize EDNS Client Subnet-E: only anonymize EDNS Client Subnet
Other changes:
- Cleanup and improvements to building and testing
- Mention PowerTools repository for building on CentOS etc
- Remove old workarounds in tests before #133
d4e0b2c TCP state hash table
1ea8d3f Doc
12ea061 EDNS Client Subnet anonymization
c9ed7be pcap-dist
b76f745 Cleanup
7682d41 hashtbl
Release 2.1.3
This release fixes a memory leak when using pattern matching options -x or -X, the LDNS packet was not freed correctly.
The processing of the LDNS packet during matching has also been improved.
Due to submodules in the repository please download this tarball:
https://www.dns-oarc.net/files/dnscap/dnscap-2.1.3.tar.gz
sha256: c8af3be57638061cf04d7574e9f35a9164aa0f46c4624f2d6a07b8778f68320d
Packages are available at: https://dev.dns-oarc.net/packages/
Release 2.1.2
This release fixes reusing of TCP state during an out-of-memory event, the reused structure was not cleared of old information. And fixes compatibility with OpenSSL v3.0+ due to deprecated functions.
Due to submodules in the repository please download this tarball:
https://www.dns-oarc.net/files/dnscap/dnscap-2.1.2.tar.gz
sha256: 3f16eace70d426141294160725adf29fe3b5aee31947d1f5c68297ff74c23fc9
Packages are available at: https://dev.dns-oarc.net/packages/
Release 2.1.1
This release includes fixes to TCP state code, anonymizing plugins and handling of EDNS extended error code.
Due to submodules in the repository please download this tarball:
https://www.dns-oarc.net/files/dnscap/dnscap-2.1.1.tar.gz
sha256: ab1a3b1d174de4cd6011781fbc056f32a6472f8cdc2d2e482cb63c20bdb6e019
Packages are available at: https://dev.dns-oarc.net/packages/
-
Ken Renards @kdrenard (PR #275) fixed handling of EDNS extended error code, the previous code looked at
arcountbut ldns "consumes" OPT records so the count could be zero even with existing extended error code. -
Changed anonymizing plugins to anonymize both sending and receiving IP address if both used the server port, part of issue #276 reported by Duane Wessels @wessels. This fixes situations where clients weren't anonymize because they sent using that port.
-
Fixed multiple issues with garbage collection in TCP state handling. It was reusing a pointer that was meant to return the current TCP state so it could return the wrong state when garbage collection was triggered.
It also just unlinked stale states and didn't free them, new code uses the discard function so released state is also tagged as "gc stale".
Lastly the discard function was fixed to clear the current TCP state pointer used by plugins if the discarded state was it.
7f2ddcf Copyright
fd5b744 CodeQL alerts
726d241 TCP state GC
dff421e Anonymize clients
2eb8489 Add CodeQL workflow for GitHub code scanning
c5a0919 Better test for presence of EDNS option with extended error code
Contributors
Assets 2
Release 2.1.0
This release adds a new option (-o pid_file=<file>) to specify a PID file when running as daemon, corrects handling of LDNS include files for some plugins and updates the Root Server Scaling Measurement (RSSM) plugin w.r.t. the upcoming version 5 of RSSAC002 specifications.
The RSSM plugin can now optionally generate label-count metric. This is enabled with -L and is tagged as rssac002v5-draft until v5 is finalized.
The merge tool dnscap-rssm-rssac002 has also been updated because of this, there is now --skip-unsupported to skip all unsupported RSSAC002 version metrics instead of die()'ing.
Due to submodules in the repository please download this tarball:
https://www.dns-oarc.net/files/dnscap/dnscap-2.1.0.tar.gz
sha256: 7880c30965d0ac71a0b5ac30b7d160029146eb9baf6290452158f1266912cad6
Packages are available at: https://dev.dns-oarc.net/packages/
ca7707d RSSAC002v5 label-count metric
3ebee80 Made label count metric optional
41b029a Adding support for label acount metric
799c3fe Missing includes
7089f12 PID file