nfdump-1.7.6 is out and introduces many improvements:
- Improve speed through some code optimisation.
- Improve support for Palo Alto PA-5420.
- Add filter for
min ttlandmax ttlttl equalfilter formin ttl == max ttl. - Implements Tunnel extension & IPv6 encapsulation in sfcapd.
- Allow user selected output format with custom aggregation.
- Add ident as %idt token in output formats.
- Teach nfpcapd to read gzip compressed pcap files transparently.
- Improve exporter algorithm.
- Add Subdir -S to dynamic FlowSource -M.
- Extend timeWindow to msec format everywhere
- Lot's of bug fixes and tiny changes to make life easier for users :)
For the detailed list, see the ChangeLog file.