headers
Robert Edmonds | 30 Apr 2013 02:54

rsf-freebsd-ports 0.3 released

http://rsfcode.isc.org/dist/rsf-freebsd-ports/rsf-freebsd-ports-0.3.tar.gz

http://rsfcode.isc.org/git/rsf-freebsd-ports/

this release updates the freebsd port for 'nmsg' to 0.7.3.

--

-- 
Robert Edmonds
edmonds <at> isc.org

_______________________________________________
nmsg-dev mailing list
nmsg-dev <at> lists.isc.org
https://lists.isc.org/mailman/listinfo/nmsg-dev
Permalink | Reply | 0 comments |
headers
Robert Edmonds | 30 Apr 2013 02:53

nmsg 0.7.3 released

http://rsfcode.isc.org/dist/nmsg/nmsg-0.7.3.tar.gz

nmsg (0.7.3)

  * The rate-limiting function nmsg_rate_sleep() has been completely
    rewritten in order to sleep much more often and with shorter timeouts.
    At low to moderate event rates, nmsg_rate_sleep() will now result in a
    system-level sleep at almost every invocation.

  * If nmsg_output_set_rate() is used to attach an nmsg_rate_t object to an
    nmsg_output_t object, nmsg_output_close() will now no longer implicitly
    call nmsg_rate_destroy() on the associated nmsg_rate_t object.
    Additionally, internal calls to nmsg_rate_sleep() will now be performed
    while holding the stream output lock. These changes allow library users
    to share an nmsg_rate_t object across more than one output.

  * Rate-limiting in nmsg_output is now performed on a per-packet rather
    than on a per-payload basis.

  * If using rate-limiting on output sockets, nmsgtool will default to a
    "freq" setting of 10 rather than the previous value of 100.

  * If using a port range to specify multiple output sockets while also
    specifying a rate-limit, nmsgtool will use a shared rate-limiter across
    each of the output sockets in the range. Due to this change and the
    switch to per-packet rather than per-payload rate-limiting, the
    semantics of the optional rate parameter to nmsgtool's --writesock
    option have changed.

  * New function nmsg_timespec_add().
(Continue reading)

Permalink | Reply | 0 comments |
headers
Robert Edmonds | 15 Mar 2013 22:47

rsf-freebsd-ports 0.2 released

http://rsfcode.isc.org/dist/rsf-freebsd-ports/rsf-freebsd-ports-0.2.tar.gz

http://rsfcode.isc.org/git/rsf-freebsd-ports/

this release updates the freebsd port for 'nmsg' to 0.7.2.

--

-- 
Robert Edmonds
edmonds <at> isc.org

_______________________________________________
nmsg-dev mailing list
nmsg-dev <at> lists.isc.org
https://lists.isc.org/mailman/listinfo/nmsg-dev
Permalink | Reply | 0 comments |
headers
Robert Edmonds | 15 Mar 2013 22:44

sie-dns-sensor 0.7.2-1 released

http://rsfcode.isc.org/dist/sie-dns-sensor/0.7.2-1/

https://kb.isc.org/article/AA-00535

this release is built against the latest nmsg 0.7.2 release, though
without libxs support, which is not needed for the SIE DNS sensor.  i've
also re-built the build environments that we use to compile the rpm and
deb packages for sie-dns-sensor.

the debian packages for sie-dns-sensor are now built on debian 6.0
"stable" (previously they were being built on debian 5.0 "oldstable").
support for "oldstable" has now been dropped, as this OS has been EOL'd
by the vendor.  (this allows us to avoid including a copy of libbind in
sie-dns-sensor on debian platforms now.)

the RPM packages for sie-dns-sensor are now built on centos 5 and 6.
previously we were also building on centos 4, but the centos 4 and RHEL 4
operating systems have since been EOL'd by their vendors.

--

-- 
Robert Edmonds
edmonds <at> isc.org

_______________________________________________
nmsg-dev mailing list
nmsg-dev <at> lists.isc.org
https://lists.isc.org/mailman/listinfo/nmsg-dev
Permalink | Reply | 0 comments |
headers
Robert Edmonds | 15 Mar 2013 22:23

nmsg 0.7.2 released

http://rsfcode.isc.org/dist/nmsg/nmsg-0.7.2.tar.gz

nmsg (0.7.2)

  * Fix a segfault in nmsgtool when -U (--username) was specified on the
    command line without -P (--pidfile).

  * nmsg can now be built without libxs support by specifying
    "--without-libxs" to configure.

  * Build system: the directory to install the libnmsg pkg-config file to can
    now be overridden by specifying the --with-pkgconfigdir parameter to
    configure.

  * Build system: add "make check" target that runs tests.

  * Build fix: explicitly link examples/nmsg-dnsqr2pcap against libpcap.

  * Portability: use fallback htole32()/le32toh() functions on old systems.

 -- Robert Edmonds <edmonds <at> isc.org>  Tue, 12 Mar 2013 17:33:22 -0400

--

-- 
Robert Edmonds
edmonds <at> isc.org

_______________________________________________
nmsg-dev mailing list
nmsg-dev <at> lists.isc.org
(Continue reading)

Permalink | Reply | 0 comments |
headers
Mert Kara | 22 Jan 2013 21:16
Picon
Picon
Favicon

pywdns and dnsdedupe

What would be the best way to parse rdata field in the presentation format of rrtype?

Thanks,

MK


_______________________________________________
nmsg-dev mailing list
nmsg-dev <at> lists.isc.org
https://lists.isc.org/mailman/listinfo/nmsg-dev
Permalink | Reply | 0 comments |
headers
Mert Kara | 22 Jan 2013 21:18
Picon
Picon
Favicon

pywdns and dnsdedupe

What would be the best way to parse rdata field in the presentation format of rrtype?

Thanks,

MK


_______________________________________________
nmsg-dev mailing list
nmsg-dev <at> lists.isc.org
https://lists.isc.org/mailman/listinfo/nmsg-dev
Permalink | Reply | 1 comment |
headers
Dan Brodsky | 14 Nov 2012 14:31
Picon

nmsg msgmod version mismatch error

Greetings,

I am trying to build the sie-nmsg-0.14 package on a RHEL x86_64 system. I have previously built and installed wdns-0.4 and nmsg-0.7.1 (which also involved installing protobuf-2.4.1 and protobuf-c-0.15).

When I run the configure script, it will not complete, and I get the following error in config.log:

------ snip ------
| #define HAVE_NMSG_MSGMOD_PLUGIN 1
| /* end confdefs.h.  */
|             #include <nmsg/msgmod_plugin.h>
| int
| main ()
| {
|             if (NMSG_MSGMOD_VERSION == 8)
|                 return (0);
|             else
|                 return (1);
|   ;
|   return 0;
| }
configure:13123: error: in `/home/dbrodsky/sie-nmsg-0.14':
configure:13125: error: nmsg msgmod version mismatch
------ snip ------

In /usr/local/lib/nmsg I have nmsg_msg8_isc.a, nmsg_msg8_isc.la, and nmsg_msg8_isc.so files. Is there a flag I need to pass into the configure script to get it to read these? Or perhaps another config parameter or prerequisite I am missing?

I'm installing this package so I can read ch204 nmsg files. When I try to read with nmsgtool now, it gives me a bunch of "<UNKNOWN NMSG 2:1>" errors for each record in the file.

Cheers,

Dan
_______________________________________________
nmsg-dev mailing list
nmsg-dev <at> lists.isc.org
https://lists.isc.org/mailman/listinfo/nmsg-dev
Permalink | Reply | 4 comments |
headers
A. Mert Kara | 16 Oct 2012 22:48
Picon
Picon
Favicon

reading dnsdedupe message

I figured out the problem. I could read the presentation of the nmsg  
file. However I have another problem with parsing dnsdedupe msgs with  
libnmsg. I am having trouble to read the field value of rdata from  
dnsdedupe.

first I get the field value:
result = nmsg_message_get_field(msg, "rdata", 0, (void **)&_uint8_tmp,  
&_tmp_len);

then I try to parse it with wdns. the result returns as HEX value.
   char *buf = wdns_rdata_to_str(_uint8_tmp, _tmp_len,  
*(dnsdedupe.rrtype),*(dnsdedupe.rrclass));

Am I missing something here?

Thanks

MK
Permalink | Reply | 0 comments |
headers
Mert Kara | 14 Oct 2012 23:01
Picon
Picon
Favicon

reading dnsdedupe message

Hi,

I am trying to read the output of channel 204 with nmsgtool and I keep getting empty results. Initially I tried to read it with -r flag however it returns the messages with empty cells and <UNKNOWN NMSG 2:1>. Then I thought, perhaps I can pass the message type (-T dnsdedupe) and vendor Id (-V SIE) with it and I got "nmsgtool: usage error: invalid vendor ID" result. 

How can I output the presentation of the channel 204 data file that I captured by nmsgtool (version:0.6.17).

Thank you,

MK
_______________________________________________
nmsg-dev mailing list
nmsg-dev <at> lists.isc.org
https://lists.isc.org/mailman/listinfo/nmsg-dev
Permalink | Reply | 0 comments |
headers
Robert Edmonds | 25 Jul 2012 23:59

nmsg moved to rsfcode site, 0.7 releases

hi,

nmsg has been moved to a new "RSF software repository" site:

    http://rsfcode.isc.org/

the new site distributes tarballs, debian packages, and git repositories
for nmsg as well as other RSF software projects.

nmsg 0.7.0 was tagged and released a while back, but i forgot to send a
release announcement.  that release contains some significant
refactoring work which should be largely invisible to users; support for
Crossroads I/O transports, which allows transferring NMSG payloads over
TCP and unix sockets; a new ingress byte rate limit for file inputs
(nmsgtool -B); and a new DNSQR_CAPTURE_QR mode for the ISC/dnsqr module
which can be used to disable state reconstruction in dnsqr and capture
DNS queries only or DNS responses only.

nmsg 0.7.1 is a minor bugfix release due to API changes in the latest
version of libxs (Crossroads I/O).

the latest nmsg is available from:

    http://rsfcode.isc.org/git/nmsg/

--

-- 
Robert Edmonds
edmonds <at> isc.org
Permalink | Reply | 4 comments |

Gmane