From djm at mindrot.org Mon Jan 10 11:12:10 2005 From: djm at mindrot.org (Damien Miller) Date: Mon, 10 Jan 2005 11:12:10 +1100 Subject: [netflow-tools] Netflow tools mailing list Message-ID: <41E1C85A.8070209@mindrot.org> Hi, This list is for the support, discussion and development of the NetFlow tools developed at mindrot.org. This includes softflowd[1], pfflowd[2] and flowd[3]. This list is expected to be fairly low volume (zero at first!) and I'll try to keep it this way by fissioning tools into separate lists if the volume gets beyond a few messages per day. This list is presently closed to posting from non-subscribers, this may if there is demand. Please do not post HTML to this list. Thanks, Damien miller From djm at mindrot.org Sat Jan 15 17:14:29 2005 From: djm at mindrot.org (Damien Miller) Date: Sat, 15 Jan 2005 17:14:29 +1100 Subject: [netflow-tools] Announce: softflowd-0.9.7 Message-ID: <41E8B4C5.1020106@mindrot.org> softflowd-0.9.7 has just been released. It is available from http://www.mindrot.org/softflowd.html Softflowd is flow-based network traffic analyser capable of Cisco NetFlow data export. Softflowd semi-statefully tracks traffic flows recorded by listening on a network interface or by reading a packet capture file. These flows may be reported via NetFlow to a collecting host or summarised within softflowd itself. softflowd fully supports IPv6 for both flow tracking and export and can emit NetFlow version 1, 5 and 9 datagrams. Changes since softflowd-0.9.6: ============================ * Support export to multicast groups and add option to specify the IPv6 hoplimit / IPv4 TTL. * Fix compilation on some Linux variants that lack a definition for struct ip6_ext (fixed by paolo.lucente AT ic.cnr.it) * Fix endian problem in Netflow v.9 source/destination port export Checksums: ========== - MD5 (softflowd-0.9.7.tar.gz) = f7d16ff93fd31903840a7d9faff672a9 Reporting Bugs: =============== - Please http://bugzilla.mindrot.org/ and the netflow-tools at mindrot.org mailing list. To subscribe to this mailing list, please use the web interface at http://www.mindrot.org/mailman/listinfo/netflow-tools Damien Miller From djm at mindrot.org Sat Jan 15 17:15:00 2005 From: djm at mindrot.org (Damien Miller) Date: Sat, 15 Jan 2005 17:15:00 +1100 Subject: [netflow-tools] Announce: flowd-0.8 Message-ID: <41E8B4E4.8010405@mindrot.org> flowd-0.8 has just been released. It is available from http://www.mindrot.org/flowd.html flowd is a small, fast and secure NetFlow collector that supports NetFlow versions 1, 5, 7 and 9. It is fully IPv6 capable and supports capture of flows sent to multicast groups. flowd is privilege separated to limit the impact of any security vulnerability. Netflow logs are stored in a compact and flexible binary format that supports selection of which flow fields are stored. The flowd distribution provides C, Perl and Python APIs to read these logs. Changes since flowd-0.7: ======================== * Implement support for reception of flows sent to multicast group addresses. flowd.conf now includes a "join group" directive to specify which groups are joined at startup. * Added writing, concatenation and filtering of flowd logs to the flowd-reader tool. * Lots of documentation fixes from Tamas Tevesz Checksums: ========== - MD5 (flowd-0.8.tar.gz) = bbd8b245cc3482a92de67c804cd30646 Reporting Bugs: =============== - Please http://bugzilla.mindrot.org/ and the netflow-tools at mindrot.org mailing list. To subscribe to this mailing list, please use the web interface at http://www.mindrot.org/mailman/listinfo/netflow-tools Damien Miller