
WAND Group

WAND is a research group at the University of Waikato Computer Science Department. The group is involved with a range of computer networks projects mostly focused around network measurement. The group has a strong international reputation and has close links, including collaborative research, with several other network measurement groups. These include CAIDA, Sprint and Agilent.

Our work includes collection of very long trace sets, network analysis and software to support this, active measurement systems, wireless networks for rural communities, rapid deployment networks, OS code based network simulation and network visualisation. Spinoffs from our work include Endace and Rural Link.

WAND Interesting Blogs

20 Mar 2014

The source code for both our libtrace and libprotoident libraries is now available on GitHub. Developers can freely clone these projects and make their own modifications or additions to the source code, while keeping up with any changes that we make between releases.

We're also more than happy to consider pull requests for code that adds useful features or support for new protocols / trace formats to our libraries.

Look out for more of our open-source projects to make their way onto GitHub soon!

Links:
Libtrace on GitHub
Libprotoident on GitHub

21 Feb 2014

Libtrace 3.0.19 has been released.

The main purpose of this release is to fix a problem that prevented the libtrace 3.0.18 release from building on FreeBSD 10. A number of other minor bugs were also fixed, such as some libpacketdump decoding errors on big-endian CPUs and a bug in the ring: format that led to set_capture_length changing the wire length instead of the capture length.

This release also incorporates a patch from Martin Bligh that adds support for reading pcap traces that support nanosecond timestamp resolution via the pcapfile: URI.

The full list of changes in this release can be found in the libtrace ChangeLog.

You can download the new version of libtrace from the libtrace website.

05 Nov 2013

This release adds support for 14 new protocols including League of Legends, WhatsApp, Funshion, Minecraft, Kik and Viber. A new category for Caching has also been added.

A further 13 protocols have had their rules refined and improved including Steam, BitTorrent UDP, RDP, RTMP and Pando.

This release also fixes the bug where flows were erroneously being classified as No Payload, despite payload being present.

The full list of changes can be found in the libprotoident ChangeLog.

Download libprotoident 2.0.7 here!

28 Jun 2013

Libtrace 3.0.18 has been released.

This release fixes several bugs that have been reported in 3.0.17. In particular, this release fixes several crash bugs in the libtrace tools that were reported by the Mayhem team at Carnegie Mellon University. It also addresses a rare bug where the compression auto-detection could trigger a false positive on uncompressed ERF traces by including a new format URI (rawerf:) that can be used to force libtrace to treat the traces as uncompressed. We have also tightened up the compression auto-detection somewhat to reduce the likelihood of the bug occurring.

It is highly recommended that you explicitly use the rawerf: format if you are working with large numbers of uncompressed ERF traces.

The full list of changes in this release can be found in the libtrace ChangeLog.

You can download the new version of libtrace from the libtrace website.

24 Apr 2013

Libtrace 3.0.17 has finally been released.

This release adds some new convenience functions to the libtrace API and fixes a number of bugs, many of which have been reported by users.

The major changes in this release are:
* Added API functions for getting the IP address from a packet as a string.
* Added API functions for calculating packet checksums at the IP and transport layers.
* Fixed major bug where the event API was not working with int: inputs.
* Fixed broken checksum calculations in tracereplay.
* Fixed bug where IP headers embedded inside ICMP messages were not being anonymised by traceanon.
* Added API support for working with ICMPv6 headers.

The full list of changes in this release can be found in the libtrace ChangeLog.

You can download the new version of libtrace from the libtrace website.

03 Jan 2013

Libtrace 3.0.16 has been released.

This release includes the new ring: format which is a much more efficient version of the existing int: format. More details on how ring: works and how much better it is than int: can be found here.

People currently using int: are encouraged to give ring: a try - at best, there should be no obvious difference between the two aside from your program using a lot less CPU time. If there are problems, bugs or strange behaviour, please let us know (email contact at wand.net.nz) so we can fix it in the next release.

This release also fixes the problems that occur when trying to capture packets using 'pcapint:any' as input and write them to disk using a different (i.e. non pcap) format and the double free bug that would occur when calling trace_destroy after using trace_event to read packets from a trace file.

The full list of changes in this release can be found in the libtrace ChangeLog.

You can download the new version of libtrace from the libtrace website.
