Releases: DNS-OARC/dnscap
Release 2.0.3
Thanks to a patch from Duane Wessels (@wessels) this release fixes an issue with filtering where DNS messages without a question section would bypass it.
Due to submodules in the repository please download this tarball:
https://www.dns-oarc.net/files/dnscap/dnscap-2.0.3.tar.gz
sha256: 7d57ca8c0850867b4d38b4868f7da2c53b1d622f25dfd99ac452c54da3f0704c
Packages are available at: https://dev.dns-oarc.net/packages/
ba2112c Fix COPR
0e019ab Filtering
c7e1c8f Refactor and fix qtype and qname matching/filtering.
Release 2.0.2
Thanks to a patch from Duane Wessels (@wessels) this release fixes memory leaks when using -x
/-X
regexp filtering due to incorrect usage of LDNS library.
Due to submodules in the repository please download this tarball:
https://www.dns-oarc.net/files/dnscap/dnscap-2.0.2.tar.gz
sha256: 9071edf92b07cd9e1e454fe49b3acc14fa9204d31aaa8744edb4bd60926497c1
Packages are available at: https://dev.dns-oarc.net/packages/
Other minor changes:
- Clarify what happens if you don't specify
-i
and add information aboutany
andall
- Update debhelper compatibility level to 10
a8925a7 ldns_pkt_all() clones RRs which need to be freed with ldns_rr_list_deep_free()
5104814 Doc
30c36aa debhelper
4ae4356 Bye Travis
Release 2.0.1
Fixed incorrect line break in eventlog's (plugin) output.
Due to submodules in the repository please download this tarball:
https://www.dns-oarc.net/files/dnscap/dnscap-2.0.1.tar.gz
sha256: 1000d26ea24df06391acccd6663d98532225bf08dec738db1610616f0b480350
Packages are available at: https://dev.dns-oarc.net/packages/
5df363c remove trailing newline
Release 2.0.0
This major release contains three backward incompatible changes, two new command line options and a completely restructured man-page(!), please read the change notes carefully before upgrading!
Due to submodules in the repository please download this tarball:
https://www.dns-oarc.net/files/dnscap/dnscap-2.0.0.tar.gz
sha256: 564deb3b7abc5197950bf223bdc9ed7d2a2a04fbadf2f04ed7cd7d57e9d175c7
Packages are available at: https://dev.dns-oarc.net/packages/
The first backward incompatible change has to do with the removal of libbind dependency. This library was causing segfaults on OpenBSD due to shared (and overwritten) symbols with OpenBSD's libc.
It was replaced with LDNS and LDNS renders domain names as Fully Qualified Domain Names (FQDN, the trailing dot!) so every output of a domain name has been changed to a FQDN.
This also changes -X
/-x
, which will now match against FQDNs.
The second backward incompatible change is that -6
has been removed. This was used to alter the BPF in order to "fix" it, dnscap adds specific filters to IP and UDP headers which does not work for IPv6 traffic.
The generated BPF has been changed to allow IPv6 to always pass, making the option obsolete. IPv6 filtering is then done in dnscap.
The last backward incompatible change has to do with the output format of -g
related to EDNS0 and is now more consistent with the rest of the parsable output:
- No more spaces in the output
- Fix incorrect
\
and extra empty new-line - All EDNS0 options are added after
edns0[...]
using comma separation, example:edns0[],edns0opt[],...
- Client Subnet format:
edns0opt[ECS,family=nn,source=nn,scope=nn,addr=...]
- Unknown/unsupported code:
edns0opt[code=nn,codelen=nn]
- Parsing error messages have changed, they came from libbind, now comes from LDNS
New options:
- Add
-q
and-Q
to filter on matched/not matched QTYPE
Bugfixes:
- Fix memory leak in EDNS0 ECS address parsing
network
: Fix sonarcloud issues, potentialmemcpy()
of null pointer
Other changes:
- Fix CBOR output inclusion, LDNS is always available now
- Add macros for Apple and Windows endian functions
- Restructure and correct the man-page
557e5f5 man-page
025529f v6bug, interval
37b79e9 FQDN
ebcf434 QTYPE match, args, tests
0cb5562 v6bug
75f6115 Endian
aaeb213 Sonarcloud
8685946 CBOR output
3e26802 Sonarcloud
30aa366 libbind
3f94d0b Mattermost
Release 1.12.0
This release fixes the handling of -?
option for dnscap and all plugins, previously the handling varied between places and depending on getopt()
implementation an invalid option could return the wrong exit code.
Other changes:
- Fix typo in configure help text
plugins/anonmask
: Fix typo in help textplugins/rzkeychange
:- Add
-D
, dry run mode, for testing - Fix handling of
-a
and error on too many
- Add
KNOWN ISSUES:
On OpenBSD the system library libc exports the same symbols as libbind does and this causes runtime warnings. Until now this has not caused any known problems but is now also causing segfaults if the packet filter used (BPF) includes IPv6 addresses.
On all other platforms OARC supports, these symbols are macros and in so should not cause any problem.
Due to submodules in the repository please download this tarball:
https://www.dns-oarc.net/files/dnscap/dnscap-1.12.0.tar.gz
sha256: 564deb3b7abc5197950bf223bdc9ed7d2a2a04fbadf2f04ed7cd7d57e9d175c7
Packages are available at: https://dev.dns-oarc.net/packages/
ee478c0 Known issues
2f9d957 Tests
3c663a2 Tests
c88efc5 rzkeychange test
f062f33 Tests
Release 1.11.1
This release fixes a lot of issues found by code analysis, adds a explicit memory zeroing function to remove account information (read when dropping privileges) and adds code coverage reporting.
Due to submodules in the repository please download this tarball:
https://www.dns-oarc.net/files/dnscap/dnscap-1.11.1.tar.gz
sha256: c1bd61012c6733e2e9aef6cc67cda25462cf8f81cd656968bdb988e80cc68a1f
Packages are available at: https://dev.dns-oarc.net/packages/
The dnscap_memzero()
will use explicit_bzero()
on FreeBSD and OpenBSD, or memset_s()
(if supported), otherwise it will manually set the memory to zero. This will hopefully ensure that the memory is zeroed as compilers can optimize out memset()
's that is just before free()
.
The plugins exit code for the help option -?
has been changed to 0 to have the same as dnscap -?
.
d9747ee memzero
1cf17c6 Coverage
19c7120 Coverage
7435676 Sonarcloud
928e181 Sonarcloud
ca4afd0 Sonarcloud
028f5e0 Badges
db0d6a1 LGTM
Release 1.11.0
This release includes a new plugin called eventlog
, contributed by Byron Darrah (@ByronDarrah), output DNS activity as log events, including answers to A and AAAA queries.
Other changes includes compile warning and code analysis fixes.
Due to submodules in the repository please download this tarball:
https://www.dns-oarc.net/files/dnscap/dnscap-1.11.0.tar.gz
sha256: 1207b75c9d532b4e9359d12c15e681e381310ff71824c75404632b383a625725
Packages are available at: https://dev.dns-oarc.net/packages/
382eac4 COPR
4c03650 Compile warn
21d6a67 Slight change -- wording now matches usage() output.
dd19b0b Added the eventlog.so plugin...
1ebf504 Added new dnscap plugin: evenlog.so...
f3f9aaa Compile warnings
Release 1.10.4
Fixed a bug that would not drop privileges when not specifying any interface (which is equal to capturing on all interfaces). Added functionality to set the supplemental groups when dropping privileges and changing user, or clear them if that is not supported. Other changes includes corrected man-page about '-w' and update to documentation.
Due to submodules in the repository please download this tarball:
https://www.dns-oarc.net/files/dnscap/dnscap-1.10.4.tar.gz
sha256: e24c05c8e3f65fdbf3e40ce34acc1a3b97829d91b4f20da34041042b9dbb4269
Packages are available at: https://dev.dns-oarc.net/packages/
a0285e4 drop privileges errors, initgroups/setgroups
96336f3 daemon: Attempt to drop supplemental groups
467a9a7 Drop privileges
de940a8 man-page -w
187ec43 README
Release 1.10.3
Fixed plugins inclusion in deb packages for Debian and Ubuntu.
Due to submodules in the repository please download this tarball:
https://www.dns-oarc.net/files/dnscap/dnscap-1.10.3.tar.gz
sha256: 1be6fa745c8654fb99fd951e767d0dddb50131c96806fa920a92a294f8f36e18
Packages are available at: https://dev.dns-oarc.net/packages/
Release 1.10.2
Fixed bug in the handling of defragmentation configuration which lead to the use of a local scope variable later on and caused unexpected behavior.
Due to submodules in the repository please download this tarball:
https://www.dns-oarc.net/files/dnscap/dnscap-1.10.2.tar.gz
sha256: fabeb5e037b80f572808e10aafcbf12190e0e62a89c2695d0cc52bd7de30c28b
Packages are available at: https://dev.dns-oarc.net/packages/