Skip to content

Releases: chazlever/rickybobby

v1.0.5

10 Oct 18:09
Compare
Choose a tag to compare

This release improves parsing capabilities and updates dependencies to their latest versions.

  • Change gopacket library to fork to add better parsing capabilities (e.g., LinuxSLL2 packets)
  • Avro library bumped to 2.x
  • Update DnsSchema to adhere to Go programming guidelines

These changes should result in the parser being able to parse more packet types and patch potential security issues in older versions of libraries.

v1.0.4

14 Apr 22:37
Compare
Choose a tag to compare

Add new output format and fix handling of responses without any RRs

  • Refactored code to support Avro and potentially other output formats
  • Changed how "empty" responses (i.e., without any RRs) are handled by the parser

These changes will result in more responses being returned by the parser and should enable pluggable output formats in the future

v1.0.3

02 Mar 23:06
Compare
Choose a tag to compare

Add a couple minor fixes.

  1. Update old references in the README
  2. Change the Go module path so go get github.com/chazlever/rickybobby should now work

No new functionality was added in this release.

v1.0.2

17 Jul 03:25
Compare
Choose a tag to compare

Add several bug fixes that led to incomplete PCAP parsing and/or crashes.

  1. Fix BPF filter to work with tagged/untagged network traffic (for more details see here)
  2. Fix crash caused by referencing missing/unknown network or transport layers

No new functionality was added in this release.

v1.0.1

11 Jul 06:19
ead4311
Compare
Choose a tag to compare

Add performance improvements to the packet parsing loop via the following changes:

  1. Add BPF filtering for PCAP files
  2. Switch to non-channel based loop using packet.NextPacket()
  3. Turn on packetSource.LazyDecode to prevent parsing application layer data twice

These changes seem to have resulted in a roughly 15-20% improvement in performance over version 1.0.0.

v1.0.0

23 Jun 07:26
Compare
Choose a tag to compare

This is the initial release of the rickybobby DNS parser. It is mostly feature complete with the exception of TCP parsing which is currently unimplemented.