Recent blog posts
- Weekly Report -- 20/01/2017
- Weekly Report for week ending 13 January 2017
- Weekly Report -- 13/01/2017
- Weekly report 13/01/2017
- Weekly Report -- 06/01/2017
- Libprotoident 2.0.10 Released
- Weekly Report -- 16/12/2016
- Weekly Report 9th December
- Weekly Report for Week ending 9 December 2016
- Weekly Report -- 09/12/2016
WAND is a research group at the University of Waikato Computer Science Department. The group is involved with a range of computer networks projects mostly focused around network measurement. The group has a strong international reputation and has close links, including collaborative research, with several other network measurement groups. These include CAIDA, Sprint and Agilent.
Our work includes collection of very long trace sets, network analysis and software to support this, active measurement systems, wireless networks for rural communities, rapid deployment networks, OS code based network simulation and network visualisation. Spinoffs from our work include Endace and Rural Link.
WAND Interesting Blogs
Libprotoident 2.0.10 has been released.
This release includes rules to match new traffic patterns for many of the protocols that we introduced in the 2.0.9 release. We've also added two new protocols: BACnet and Maxicloud.
This release also no longer treats TCP keepalive packets as payload-bearing.
The full list of updated protocols can be found in the new libprotoident ChangeLog.
Libtrace 4.0.0 is now out of beta and considered ready for general release.
We've fixed quite a few bugs over the course of the beta. More details can be found on the ChangeLog page on libtrace wiki. However, while we're no longer in beta, there may still be a few bugs out there -- don't hesitate to report any problems you find to us at contact [at] wand [dot] net [dot] nz.
Another major change since the beta release is that we've re-licensed libtrace and libpacketdump to be under the LGPL v3 (rather than the GPL v2). Hopefully this will encourage people who were turned off by the restrictions of the GPL to now adopt libtrace for their packet capture and analysis needs.
This version of libtrace includes an all new API that resulted from Richard Sanger's Parallel Libtrace project, which aimed to add the ability to read and process packets in parallel to libtrace. Libtrace can now also better leverage any native parallelism in the packet source, e.g. multiple streams on DAG, DPDK pipelines or packet fanout on Linux interfaces.
Please note that the old libtrace 3 API is still entirely intact and will continue to be supported and maintained throughout the lifetime of libtrace 4. All of your old libtrace 3 programs should still build and run happily against libtrace 4; please let us know if this turns out to not be the case so we can fix it!
Learn about the new API and how parallel libtrace works by reading the Parallel Libtrace HOWTO.
Download the new release from the libtrace website.
Libwandio 1.0.4 has been released today.
The main change in this release is that the licensing has moved from GPL v2 to LGPL v3.
The other major change is that we've hopefully finally fixed all of the segmentation faults that would occur if you used wandio on a 32-bit system.
More details on the changes in this release can be found in the Changelog file included with the libwandio source code.
You can download the new version of libwandio from our website.
A new version of libflowmanager has also been released today.
Once again, the main change is that the licensing has moved from GPL v2 to LGPL v3.
We've also made some changes to make it easier to experiment with different flow expiry algorithms. Flow expiry behaviour is now implemented as separate plugins, rather than being hard-coded into libflowmanager itself. This means if you like the structure of libflowmanager but don't agree with our timeouts for inactive flows, you are able to write your own without having to touch the core of the library. We also added a couple of other config options that allow you to further tweak timeout behaviour -- see the ChangeLog included with the source code for more details.
You can download the new version of libflowmanager from our website.
We've also put libflowmanager up on our github, so you can follow any future libflowmanager development more closely.
Libprotoident 2.0.9 has been released today.
The biggest change in this release is that libprotoident is now using the LGPL v3 license rather than the GPL v2 license. We hope that this will be welcome news to some people who had previously wanted to use libprotoident in their software but were put off by the restrictions of the GPL license. Note that we are aware that our other libraries (libtrace, libflowmanager, wandio) that libprotoident depends on are still GPL -- rest assured that LGPL versions of these libraries will appear soon.
We've also added support for another 12 new application protocols, including Facebook Messenger, Facebook Zero, Overwatch and Baidu Yun P2P. We've improved the rules for a further 16 protocols such as Google Hangouts, Minecraft, QUIC, World of Warcraft and DOTA2.
As always, the full list of changes can be found in the libprotoident ChangeLog.
We've been doing a lot of collaborative work with our ISP partners lately and one thing that has become increasingly apparent to me is the disconnect between what ISPs expect from measurement / monitoring software and what researchers typically have the time and energy to implement.
More specifically, researchers are very good at developing new or improved measurement techniques but they are not so great at developing the necessary infrastructure around the measurements to make it easy for ISPs to deploy and use the new techniques in a production environment. As a result, the ISPs tend to fall back on tried and true monitoring software (e.g. Smokeping) even though our conversations with operators suggest that they would prefer more than just the simple metrics and graphs that such tools provide.
- 1 of 7