[flow-tools] flow-tools-0.63

Mark Fullmer maf@eng.oar.net
Thu, 12 Dec 2002 11:47:39 -0500 

Available from http://www.splintered.net/sw/flow-tools

* 12-12-2002 flow-tools-0.63 released

* ftlib: ftstat.c - More informative error message when invalid field -
  patch from wyu@ateneo.edu

* docs: flow-capture - hosts.allow requires flow-capture-client, not
  flow-capture - noted by stewart@net.ohio-state.edu

* flow-capture: TCP client port should be same as UDP netflow port - noted
  by stewart@net.ohio-state.edu

* ftlib: ftfil.c: moved primitive initialization code to
  parse_primitive_type() to avoid state loss when 'default'
  or 'mask' keyword used before a permit/deny.

* ftlib: ftfil.c: tos, marked_tos, tcp_flags mask applied to flow not
  to a copy - noted by nik.hinson@assurance-dynamics.com

* flow-export -f4 wire format - requested by mikeh@ncsa.uiuc.edu

* docs: flow-print.sgml - document column headers.

* flow-report / ftstat.c - added runtime variable binding and output
  path substitution support, ie run with -v ROUTER=NYCM and use
  output path '/report/@ROUTER/report-out'

* ftlib: ftvar.c - variable binding functions.

* ftlib: ftstat.c - summary-detail report will produce core if no flows
  are processed - noted by rjd@merit.edu

* docs: not all targets included in distribution - noted by
  Jeje <jeje@jeje.org>

* ftlib: ftio.c byte order of output not always in synch with flags -
  noted by mikeh@ncsa.uiuc.edu

* docs: flow-filter port correction - mhunter@ack.Berkeley.EDU 

* ftlib: ftstat.c names option works with IP addresses -- DNS lookups.
  req by nik.hinson@assurance-dynamics.com

* ftlib: ftstat.c: min_pps,max_pps,min_bps,max_bps calculations,
  reduce memory and CPU footprint if *ps calculations are not selected.
  req by nik.hinson@assurance-dynamics.com

* ftlib: ftstat.c: linear-interpolated-flows-octets-packets,first,last,
  duration,ip-source-address/source-tag,ip-source-address/destination-tag,
  ip-destination-address/source-tag,ip-destination-address/destination-tag,
  ip-source/destination-address/source/destination-tag,
  ip-source/destination-address/ip-protocol/ip-tos reports.
  req by nik.hinson@assurance-dynamics.com

* ftlib: ftstat.c: new fields, index,first,last
  req by nik.hinson@assurance-dynamics.com

* ftlib: ftstat.c: integrated mask eval
  req by nik.hinson@assurance-dynamics.com

* flow-mask: new - replace mask length based on prefix.
  req by nik.hinson@assurance-dynamics.com

* ftlib: fttag.c: tag on tcp-src-port, tcp-dst-port, tcp-port, udp-src-port,
  udp-dst-port, udp-port, tos.
  req by nik.hinson@assurance-dynamics.com

* ftlib: fttag.c: rework to use jump tables to support more match types
  w/o performance impact.

* flow-stat: -f32 did not have symbol lookups enabled, noted by
  Michael Redinger <Michael.Redinger@uibk.ac.at

* docs: flow-tag man page example does not work - noted by
  Michael.Redinger@uibk.ac.at

* flow-fanout: -V does not work, noted by gritzko@dcn.ru

mark