Jump to letter: [
ALPSY
]
yaf - Yet Another Flow sensor
- Description:
YAF is Yet Another Flow sensor. It processes packet data from pcap(3) dumpfiles
as generated by tcpdump(1) or via live capture from an interface using pcap(3)
or an Endace DAG card into bidirectional flows, then exports those flows to
IPFIX Collecting Processes or in an IPFIX-based file format. YAF's output can
be used with the NetSA Aggregated Flow (NAF) toolchain.
Packages
| yaf-3.0.0.alpha3-1.fc39.x86_64
[411 KiB] |
Changelog
by Lawrence R. Rogers (2023-07-18):
* Release 3.0.0.alpha3-1
Changed DNS deep packet inspection to produce names and text records with escape codes for special characters (non-ASCII, non-printable, special whitespace, and label-internal dots in names).
Made DNS deep packet inspection more strict about parsing malformed DNS Resource Records across RR boundaries within the packet.
Enhanced the --time and --etime options of yafMeta2Pcap to accept a human-readable timestamp in addition to milliseconds.
Changed the destination of --version output to the standard output.
Changed yaf to only export the fingerprint-related elements (firstPacketBanner, etc) when the --fpexport option is given. (Requires YAF to be built with --enable-fpexporter.)
Changed yaf to only export the p0f-related elements (osName, etc) when the --p0fprint option is given. (Requires YAF to be built with --with-p0f.)
Fixed a crash in YAF that occurs when it is built with GLib 2.75.3 or newer.
|