Linux Forensics Tools Repository: Package Summary for Packages on October 27, 2017:

  • yaf{,-devel}-2.9.0-1.{fc21,fc22,fc23,fc24,fc25,fc26,el6,el7}.{i686,x86_64}.rpm - YAF (Yet Another Flowmeter) is a suite of tools for flow metering. YAF is used as a sensor to capture flow information on a network and export that information in IPFIX format. It reads packet data from pcap(3) dumpfiles as generated by tcpdump(1), from live capture from an interface using pcap(3), an Endace DAG capture device, or a Napatech adapter, aggregates these packets into flows, and exports flow records via IPFIX over SCTP, TCP or UDP, Spread, or into serialized IPFIX message streams (IPFIX files) on the local file system. See here for the changes since the last released version (2.8.4).
  • fmem-kernel-modules-el7-{i686,x86_64}-1.6-1.36.noarch.rpm - Support for the following kernels was added for Fmem:
    • 3.10.0-693.5.2 for EL7

  • lime-kernel-modules-el7-{i686,x86_64}-1.1.r17-36.noarch.rpm - Support for the following kernels was added for LiME:
    • 3.10.0-693.5.2 for EL7

  • super_mediator-1.5.3-1.{fc21,fc22,fc23,fc24,fc25,fc26,el6,el7}.{i686,x86_64}.rpm - Super_mediator is an IPFIX mediator for use with the YAF and SiLK tools. It collects and filters YAF output data and forwards it to various IPFIX collecting processes and/or CSV files. Super_mediator can be configured to perform de-duplication of DNS resource records as exported by YAF. See here for the list of changes for this release.
  • pfring-7.0.0-1513.{el6,el7}.x86_64.rpm - PF_Ring is a new type of network socket that dramatically improves the packet capture speed. This package contains header files and libraries, among other files, to support the PF_Ring network socket.
  • pfring-dkms-7.0.0-1513.{el6,el7}.x86_64.rpm - PF_Ring is a new type of network socket that dramatically improves the packet capture speed. This package contains the code and supporting files needed to create the PF_Ring kernel module.