yaf - Yet Another Flow sensor
YAF is Yet Another Flow sensor. It processes packet data from pcap(3) dumpfiles as generated by tcpdump(1) or via live capture from an interface using pcap(3) or an Endace DAG card into bidirectional flows, then exports those flows to IPFIX Collecting Processes or in an IPFIX-based file format. YAF's output can be used with the NetSA Aggregated Flow (NAF) toolchain.
|yaf-2.14.0-1.fc36.x86_64 [630 KiB]||
by Lawrence R. Rogers (2023-03-23):
* Release 2.14.0-1 Changed DNS deep packet inspection to produce names and text records with escape codes for special characters (non-ASCII, non-printable, special whitespace, and label-internal dots in names). Made DNS deep packet inspection more strict about parsing malformed DNS Resource Records across RR boundaries within the packet. Changed destination of --version output to the standard output.