v0.6.1

Changelog

05182cf added chart rendering for collector throughput
e0fdeb1 chore: bump version and fix goreleaser build err
8831a29 chore: clean
096af25 chore: cleanup
3a29432 chore: cleanup and roadmap
3e8c494 feat: add support to read LinkTypeLinuxSLL pcaps
870533d v0.6.1 release
2aa5170 v0.6.1 release
5d662cb v0.6.1 release
f1389b3 v0.6.1 release

v0.6.0

• Version used for Master Thesis experiments

v0.4.7

Changelog

ffee8f9 remove debug
bd94ed4 removed cobra commandline refactoring from master branch, to fix go get invocation
6759e53 upgrade gopacket with fix for dns parser
9f7b838 v0.4.7 release

v0.4.6

Changelog

599ced2 fixes for windows: release archive compression as zip, empty pcap file removal error
93e172a v0.4.6 release

v0.4.5

Bugfixes for HTTP audit record generation and TCP stream reassembly
Cleanups and documentation improvements
Compiled with go 1.14

Changelog

1e6f65b HTTP encoder cleanup and comments
4331796 added comment for TrimFileExtension
e6b3a36 added comments
d795f22 added utility func for printing collector config
2376b46 bumped Dockerfile versions
1cd6753 fixed http encoder bug that lead to varying number of generated http audit records
6309125 fixed install-race zeus command
39a05b8 http decoder debugging and cleanup
b4e7ce5 module cleanup
392c354 removed NumWorkers config field
964915d v0.4.5 release
5a2d18a version bump in Dockerfiles

v0.4.4

Changelog

d8aa14e GitBook: [master] 10 pages modified
767852a Merge branch 'master' of github.com:dreadl0ck/netcap
bc5c63a added flag to list all visible network interfaces to all tools that support live capture
2040fa2 added netcap.PrintBuildInfo, added commit id to generated version file, ldflag cleanup
7231959 fix PrintBuildInfo go import path
eb48668 improved error messages when using wrong filetypes with capture and dump tools
dcc9d15 label tool logging cleanup
e33db67 linux builds cleanup, push alpine and ubuntu container to registry
ef8eeb5 pass membuf size to encoders
3e6dba4 switched to pgzip, removed using fs block size as buffer size, made buffer size configurable and set default to 10MB
384c9d9 v0.4.4 release
21e119e version bump

v0.4.3

Changelog

d49c8f8 added goreleaser ids
756192c added log about numCPUs and set value to max explicitely
3ffe60f compress labeled CSV files to save storage space
1db124e context cleanup and testing
0acb5d4 fix modbus fields
c6a532a fixed docker builds
2e4b029 implemented ENIP
2d4e502 implemented support for Common Industrial Protocol
ef5f54b improve error message when audit record interface is not implemented, added missing functions for conn and flow
ac882ab merged ics branch
8ba3b04 mod tidy
d9ede55 modules update
0faa472 print gopacket build info when starting capture tool, modbus fixes and testing
ae91ec5 regenerated pb type defs
deb9766 set snaplen to sane default for tcp stream reassembly
ad30874 updated Audit Record interface, added support for labeling with custom attack information
22132f5 updated modbus
9cd5936 updated to custom labeling logic
fffdf76 use dreadl0ck/gopacket
a97f49f version bump 0.4.3

v0.4.2

Changelog

4c2f18b added DumpConfig and improved documentation for godoc
9e27203 commands disable auto commit
a484bc5 dump tool: added flag to dump as JSON
b808ba7 gen version package description update
eb7de3f implemented adding context information to audit records
398cd69 updated gopacket to master branch
f9afafc updated logo graphic to use jpg in README
e164035 v0.4.2 release

v0.4.1

Changelog

55926ea added support for compiling in an ubuntu docker container
cf67baa added support for generating CSV with net.capture
f22fb54 bootstrapped cli tool using cobra
49a4c6f bumped version to 0.4.1
590e2b5 cleanup
2fb9a27 cleanup
735f9b7 finished implementing the AuditRecord interface for OSPFv2 and v3
805a1d9 go modules housekeeping
38c5f8d implemented delimited byte reader and writer for netcap to get rid of dependency
5d4cf58 improved error message when initializing an encoder that does not implement the AuditRecord interface
4a4f6a5 improved logging for net.collect
7c00a5c install scripts cleanup
c89901e refactored Dockerfile for alpine container
d65e65e regenerated install script for v0.4
c1c65ab updated release script

v0.4.0

Changelog

This release will be presented at HITB 2019 on Friday! Stay tuned.

f9cb382 GitBook: [master] 10 pages and 6 assets modified
f0a60b9 GitBook: [master] 12 pages and one asset modified
232ecd0 GitBook: [master] 13 pages and 25 assets modified
dc9509e GitBook: [master] 17 pages modified
8979d79 GitBook: [master] 2 pages modified
3b42f2d GitBook: [master] 2 pages modified
7ffe02c GitBook: [master] 3 pages modified
299734c GitBook: [master] 5 pages and one asset modified
ed60793 GitBook: [master] 8 pages and one asset modified
db654f0 GitBook: [master] 9 pages and 3 assets modified
3b8a0ff GitBook: [master] one page modified
3bcba97 Merge branch 'master' of github.com:dreadl0ck/netcap
a8708c0 Merge branch 'master' of github.com:dreadl0ck/netcap
6bbb8d6 Merge branch 'master' of github.com:dreadl0ck/netcap
ff898ea Merge branch 'master' of github.com:dreadl0ck/netcap
80d6bee Merge branch 'master' of github.com:dreadl0ck/netcap
0fbf912 Merge branch 'master' of github.com:dreadl0ck/netcap
9b58e51 Merge branch 'master' of github.com:dreadl0ck/netcap
984134f added -version flag to all commandline tools
be4920b added build-docker-alpine zeus command to build and push the netcap docker container to dockerhub
bd9d4d1 added comment to http audit record enhanced fields
f5b9950 added exmaple config for proxy
679bb02 added flags to exporter
2f40074 added gen-proto-release to generate protobuf type defs for: python,java,swift,rust,cpp,csharp,js
1eb9cb8 added gitbook config file
6471986 added metrics to collector and a new flag to free OS memory in a specified interval if desired
461e3e8 added net.util
3828193 added new HTTP fields
8e67a07 added notes on decoding protobuf data
7eb4b36 added optional payloads for modbusTCP
76935fb added static-analyze command
ca6d984 added stats for custom decoders
cccae06 added zap logging package
36e9e62 added zeus command to compile net.util
3a797fa bootstrapped netcap HTTP reverse proxy: net.proxy
3c519e8 bootstrapped whats new section
c2d8490 bootstrapping prometheus metrics
ef6acf2 cleanup
237c05e cleanup
9261ff0 cleanup
7225d7f cleanup and comments
0d0e065 commandline tools and documentation updates
736f8db deleted old files
0ca0a25 deleted old python experiments
bd8d585 disabled capture of LinkFlow, NetworkFlow and TransportFlow by default, since these are represented in the regular Flow model
06fc5e7 emitting encoder and field overview as markdown
ee2869e encoder: added support for exporting metrics live
08ebf4f extracted netcap.Writer and bumped version to 0.4.0
bbe9c11 fix: SIP incorrect CSV header values
8e42983 fixed audit record graphic being displayed incorrectly in some browsers
3fe65e2 golangci-lint feedback: error handling and code simplifications
0276662 graffle update
c078c23 implemented interface for dumping as JSON on all audit record types
03fb8db improved error messages and discarding errors when cleaning up suricata logfiles for netlabel tool
2c9d96f metrics testing, exporting connections and flows, fixed flushing configuration via flags
b3ef499 more metrics
530b524 moved graphis folder into docs
286b907 moved printing logo to main utils
fb87d1a moved pynetcap into separate git repository
b925b98 net.export: added option to export all dumps in a directory, added flag for replaying the packets with the delay they were captured
1ad4b14 net.export: improved replay functionality
a31c8f6 netlabel: add support for parsing IPv6 addresses from suricata logs
664eede netlabel: added -suricata-config flag to specify the path to the suricata config file
0afa05c netlabel: error handling and debug mode
e43bfb2 preparations for prometheus metrics
1dde6f8 preparing for 0.4 release
495d0e2 printing usage examples when no args given to net.cap
454ee76 progress on metrics
ab8b6a1 prometheus metrics: finished implementing Inc() Method for AuditRecord interface on all type defs
1509590 proxy: add target url to created audit record file
0ccbae6 pynetcap: added support for reading audit records into a pandas dataframe in python
11bd1ba readme fix
44f740c readme fixes
d216e43 readme update
937aeaa readme wording update
dadc6d4 readme wording update 2
976c24f refactored func for serving metrics
b9f1efd regenerated proto type defs
2dd77c5 removed debugs
f112258 removed dist folder from git tracking, releases are available via github
97011c7 removed gitbook files
7608c9f renamed types.CSV interface to types.AuditRecord
cb8496b restored readme
ce34d9a restructured command line tools and updated build configuration
e777c51 restructured commandline tools
9b49bc7 restructured commandline tools
50c8ca0 syscall.Statfs not available on windows
f6c55b1 testing and fixes
23f4e29 update README graphic paths
42bcf44 updated HTTP audit records generated by net.proxy
ed4898d updated cloc command
03939de updated cloc command to exclude generated protobuf defs for recently added languages
b7372e0 updated docs, added cheatsheet and overview
9335af1 updated ethernet, ip, udp and tcp metrics to expose payload entropy and size as histograms
fbe02b6 updated gen-proto command to move python output to new repository
2499b1d updated gitignore
7350e57 updated http proxy
2d5eb8a updated metrics for flows and connections
2c2d535 updated metrics to skip timestamp
a215c56 updated net.dump README and usage examples
97cca5f updated net.export README and usage examples
ef6cc0c updated net.label README and usage examples
a1af848 updated net.proxy README and usage examples
f70e354 updated net.util README and usage examples
d0a3a8a updated release config
55f96e6 updated release config
2b41f6e updated version bump command