WAND Network Research Group University of Waikato Crest Of Arms

libtrace

Old Changes to libtrace version 2

In 2.0.28

  • Fixed build system
  • Fixed bug in trace_get_seconds for pcap
  • Added --unique-packets option to trace
  • Fixed segfault in tracemerge

In 2.0.27

  • Fixed bug with packet lengths being passed to bpf_filter (reported by Zhani Mohamed Faten). (Test: test/test-filter.c)
  • fix bug with intervals in tracertstats (reported by Zhani Mohamed Faten).
  • fix bug with tracemerge (reported by Zhani Mohamed Faten).
  • add test3 regression testing suite to the test suite
  • Fix some portability issues (reported by Orlando Bassotto)

In 2.0.26

  • Completely reworked wag support - there are now two wag uris: "wag" for wag live capture and "wtf" for wag traces
  • tracertstats now supports sub-second packet intervals
  • A number of minor bug fixes, check the Changelog
  • trace_output_create now appends to existing files rather than truncating them

In 2.0.25

  • A whole pile of bugs, check the Changelog
  • Added tools/tracestats

In 2.0.24

  • Minor bugfixes
  • Auto* applied to the tools/ directories - these are now built and installed automatically
  • --disable-tools and --disable-libpacketdump configure options

In 2.0.23

  • tools/ directory containing some (hopefully) useful libtrace applications:
    • traceanon: perform prefix-preserving or bulk IP anonymisation on a trace
    • tracedump: tcpdump-style program using libpacketdump
    • tracemerge: join multiple traces together into one, interleaving if neccessary.
    • tracereport: generate various reports on traces
    • tracertstats: generate byte/packet counters for supplied BPF filters on a set time interval
    • tracesplit: split a trace based on time, packet offset, byte offset
  • a new library, libpacketdump, which will dump out packet contents based on a set of modules.

In 2.0.22

  • Support for legacy DAG POS, ATM and Ethernet formats via the following URI schemes:
    • legacypos:
    • legacyatm:
    • legacyeth:

In 2.0.21

  • Will skip VLAN headers if present

In 2.0.20

  • Better trace writing support
    • (optionally compressed) ERF and WAG traces
    • PCAP traces via pcap_dump
  • Format conversion into ERF and PCAP formats when writing

In 2.0.19

  • Primitive trace writing support
    • rtserver output
    • gzdisk output
  • Moved input format (erf,pcap,wag) code into separate modules to improve development of new input formats
  • Added trace_perror() and libtrace errno functionality

In 2.0.18

  • Fix opening large gzip compressed traces
  • Include autogenerated (from doxygen) man, html and latex docs
  • Install man pages
  • Most of the programs in examples should compile cleanly now

In 2.0.17

  • Fixed a bug in the pcap path where erf and double format timestamps where not being synthesized correctly
  • Better error reporting in bpf_setfilter

In 2.0.16

  • Major fixups in the event api, this should work cleanly now for all inputs
  • Added two new helper functions - trace_get_source_port and trace_get_destination_port
  • Ported to OpenBSD - Thanks to Phil Murray
  • Added preliminary support for OpenBSD's PFLOG mechanism

In 2.0.15b

  • Fixed a bug in the pcap path under FreeBSD
  • Fixed calls to trace_get_link to handle returned NULLs when an RX error is detected
  • Fixed a memory leak introduced in the pcap path

In 2.0.14

  • PCAP decoding of PPP interfaces in Linux (DLT_LINUX_SLL)
  • trace_get_direction() works on the above as well

In 2.0.13

  • Improved docs
  • Added functions to retrieve TCP, UDP and ICMP headers encapsulated within an IP sublayer (eg, IP headers embedded in an ICMP error packet)
  • Added trace_get_next_option() for parsing TCP/IP options

In 2.0.12

  • Check for fragmented IP packets properly

In 2.0.11

  • Added a fallback function for strndup to fix compilation under FreeBSD